My team recently had an unusual MDM lock ticket escalated to us. The user had already been provided with the PIN from our MDM, however the lock screen said they needed to wait 24,284,826 minutes (over 46 years!) before they could enter the PIN.
This was a new one for me so I immediately jumped on the MacAdmins Slack to see if anyone had dealt with this problem before. The fix turned out to be relatively simple, read on for the details.
Ben “MacMule” Toms shared a six year old blog post that was very similar: “iPhone is disabled. Try again in 23,053,554 minutes”
Ben’s summary seemed like a very plausible explanation of what might have happened in our case:
1. The Mac was MDM locked and left on.
2. The Mac drained it’s battery completely while in storage.
3. With a full battery drain and subsequent power on, the Mac’s clock reverted to Epoch time, (00:00:00 UTC, January 1, 1970)
An MDM locked Mac won’t connect to Wifi and we couldn’t follow Ben’s solution of using an active SIM to get his iPhone on cellular. But would an MDM locked Mac get online over Ethernet? Turns out it will!
I MDM locked my test Mac, connected a USB-C Ethernet adapter and then watched to see if it would pull a DHCP lease. I didn’t want to risk trying to roll the clock back, but with the knowledge the Mac would get online I figured it was worth a shot for our user.
Sure enough, it worked! Our user connected their M1 MacBook Air to Ethernet, waited 30 minutes, rebooted and the timer was gone. They could immediately unlock the Mac and get to work.
Yesterday a fellow MacAdmin on Slack posted about the same problem. I shared this procedure and they confirmed it worked for them as well, clearing the timer in just 30 seconds!
Pingback: Weekly News Summary for Admins — 2022-08-26 – Scripting OS X