Activation Lock is a feature that allows device owners to lock their devices if they are misplaced or stolen. Activation Lock is available on macOS (with Apple Silicon or a T2 Security Chip), iOS, and iPadOS. This article references Apple's documentation on Activation Lock: Activation Lock on Apple devices.
Requirements
- iOS 7.1 or later
- iPadOS 13 or later
- macOS 10.15 or later with T2 chip or Apple Silicon
- Enrolled and Supervised via Automated Device Enrollment
- Device assigned to Automated Device Enrollment token within Addigy
There are two types of Activation Lock for MDM-enrolled devices: User-based Activation Lock and Device-based Activation Lock.
User-based Activation Lock
User-based Activation Lock (also known as Device Activation Lock Bypass Code in Profile Manager or known as Allowing Activation Lock in other documentation) was the first version of Activation Lock to be leveraged by end-users and MDM. Device Activation Lock is managed via a code escrowed by Addigy during enrollment and requires the device to be Supervised.
These codes are only stored on a device for a short time (two weeks or less post-setup) and are inaccessible after that period. With this version of Activation Lock, MDM stores the bypass code and can send a command that allows the device to Activation Lock if an end-user enables the Find My feature on the device.
Addigy is currently storing these codes as Device Bypass Codes within the Security tab of GoLive. We do not support User-based Activation Lock.
Device-based Activation Lock
Device-based Activation Lock (also known as Server Activation Lock Bypass code in Profile Manager or mentioned as Enable / Disable Activation Lock in other documentation) is a newer version of the functionality described above without the same configuration or limitations. While MDM Activation Lock has the same requirements below, all bypass code generation and enablement are done between Addigy and Apple Business Manager or Apple School Manager. MDM Activation Lock bypass codes can be enabled post the two-week window and be toggled on or off without the device being online. MDM Activation Lock does not require the end-user to enable Find My on the device.
Addigy is currently storing these codes as MDM Bypass code within the Security tab of GoLive. You can use this MDM Bypass Code to unlock Device-based Activation Lock devices.