1. SimpleMDM Help Center
  2. Documentation
  3. Device Management

Device Action: Remove device

The Remove action unenrolls a device from MDM and permanently deletes its record from SimpleMDM. Unlike the Unenroll action, which keeps the device record in an unenrolled state, Remove deletes the record entirely. Critical security data such as recovery keys and bypass codes is archived in a deleted device record for future reference.

Supported platforms

The Remove action is available for all device types — iOS, iPadOS, macOS, tvOS, and visionOS. It can be used on both enrolled and unenrolled devices. There are no OS version or supervision requirements.

How to remove a device

  1. In SimpleMDM, navigate to the device's Device Details page.
  2. Click the "Actions" menu.
  3. Select "Remove".
  4. Confirm the action when prompted.

The Remove action can also be used as a bulk action from the Devices list to remove multiple devices at once.

What happens when a device is removed

When a device is removed:

  • If the device is currently enrolled, SimpleMDM sends an unenroll notification to remove the MDM enrollment profile and all managed configurations from the device.
  • App licenses assigned through Apple Business Manager are revoked.
  • On macOS, the SimpleMDM Agent is uninstalled.
  • The device record is permanently deleted from SimpleMDM.
  • A deleted device record is created to preserve security-related data such as FileVault recovery keys, firmware passwords, recovery lock passwords, Activation Lock bypass codes, and bootstrap tokens.

The deletion is processed asynchronously — after confirming, the device is scheduled for removal in the background.

Remove vs. Unenroll

The Unenroll action removes MDM management from the device but keeps its record in SimpleMDM. The device can re-enroll later and its record will be reused. The Remove action does everything Unenroll does, and also permanently deletes the device record from SimpleMDM. Use Unenroll if you plan to re-enroll the device later. Use Remove if the device is being decommissioned or you no longer need its record.

Automated Device Enrollment (ADE) devices

When a device registered in Apple Business Manager is removed, SimpleMDM automatically recreates a placeholder record from the device's ADE assignment. This new record appears in the devices list in an "awaiting enrollment" state, ready for the device to re-enroll the next time it goes through Setup Assistant.

Devices that are currently in an "awaiting enrollment" state cannot be removed. The "Remove" option will not appear for these devices.

Deleted device records

After a device is removed, a deleted device record is preserved under Devices > Deleted Devices. This record retains security-critical information including FileVault recovery keys, firmware passwords, recovery lock passwords, Activation Lock bypass codes, and bootstrap tokens. Admins can also disable Activation Lock and re-send the unenroll command from the deleted device record.

Notes

  • Removing a device cannot be undone. If the device re-enrolls, it will be treated as a new enrollment (unless it is an ADE device, in which case the recreated placeholder record is used).
  • Security-related data is preserved in the deleted device record even after the device is removed. This data remains accessible to admins.
Eric McCann
Updated
Was this article helpful?