This article explains how to renew MDM enrollment for a macOS device that was enrolled via Apple’s Automated Device Enrollment (ADE, formerly DEP) and is managed by Swif MDM.
Renewing enrollment can help if:
The device appears as “unmanaged” or “out of sync” in Swif
MDM commands are stuck in a pending state
You’ve recently updated MDM server settings or ABM/ASM configuration and need the Mac to re‑establish trust
Scope: This guide is for macOS devices enrolled via ADE that already have an MDM enrollment profile installed. It does not re‑run the full ADE setup or erase the device; it just renews the MDM enrollment profile.
Prerequisites
Before you start, make sure:
The Mac is ADE-enrolled
The device was originally purchased through Apple or an authorized reseller and assigned to your Apple Business Manager (ABM) / Apple School Manager (ASM) account.
The device was set up with Automated Device Enrollment into Swif (see:
You have admin access on the Mac
You can log in with a local admin or a user allowed to run
sudocommands in Terminal.
The Mac is online
Ensure it has a stable internet connection so it can reach Apple and Swif MDM servers during renewal.
Step-by-step: Renew MDM Enrollment via Terminal
Open Terminal
On the Mac, open Terminal:
Go to Applications > Utilities > Terminal, or
Press Command (⌘) + Space, type Terminal, and press Return.
Run the enrollment renewal command
In Terminal, run the following command:
sudo profiles renew -type enrollment
You’ll be prompted for your admin password. Type it and press Return.
The password will not be shown as you type (this is normal).
What the command does
When you run:
sudo profiles renew -type enrollment
macOS will:
Contact the configured MDM server (Swif MDM, for ADE devices)
Re‑establish trust and renew the MDM enrollment profile
Refresh management settings and certificates associated with that enrollment
This process does not:
Erase the device
Remove user data
Change ADE assignment in Apple Business Manager
How to Confirm Enrollment Was Renewed
After running the command, verify that the device is properly enrolled and managed.
On the Mac (locally)
Check Profiles in System Settings
Depending on macOS version:
Open System Settings (or System Preferences on older versions).
Go to Privacy & Security (or Profiles directly, if visible).
Select Profiles (or Profiles & Device Management).
Confirm that:
An MDM profile from your organization / Swif is present
The status shows as Managed and not removable by the user (for supervised ADE devices)
Check for applied settings
Within a few minutes, you should see:
Required configurations present (Wi‑Fi, restrictions, security policies, etc.)
Required apps starting to install (if configured)
In Swif MDM
In the Swif admin console, check the device record:
The device should show as Enrolled / Managed
The last check-in time should update shortly after running the command
Commands sent from Swif (e.g., configuration updates, app installs) should no longer be stuck as “Pending”
When to Use Enrollment Renewal vs. Other Actions
Use sudo profiles renew -type enrollment when:
The device is already ADE-enrolled but seems out of sync with Swif
You’ve renewed the MDM server token or changed some ABM/ASM or MDM settings and need the Mac to refresh enrollment
You want a non-destructive way to re‑establish MDM trust
Consider other actions if:
The device was not originally ADE-enrolled
The MDM profile was manually removed (and the device is not enforced as non-removable)
You need a completely fresh setup experience (in that case, you’d typically erase the device and re‑enroll via ADE during Setup Assistant)
Troubleshooting Tips
If the command does not appear to work as expected:
Command fails with a permissions error
Ensure you are using
sudoand that your user has admin rights.
No MDM profile appears after renewal
Confirm the device is correctly assigned to your MDM server in Apple Business Manager / Apple School Manager.
Make sure the device was initially set up via ADE and not manual profile installation.
Device still appears unmanaged in Swif
Give it a few minutes and make sure the Mac is online.
Try a manual Check-In if you have that option exposed in your UI / policies, then recheck the device record in Swif.