{"id":75488,"date":"2023-06-05T13:11:04","date_gmt":"2023-06-05T17:11:04","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=75488"},"modified":"2024-03-26T13:13:23","modified_gmt":"2024-03-26T17:13:23","slug":"create-a-mac-or-ios-activation-lock-policy","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy","title":{"rendered":"Create a Mac or iOS Activation Lock Policy"},"content":{"rendered":"\n<p>Activation Lock is a theft-deterrent feature that makes it difficult for anyone else to use your lost or stolen macOS or iOS device. You can create a JumpCloud policy that allows Activation Lock on your organization\u2019s managed and enrolled devices and have your users turn on&nbsp;<a target=\"_blank\" href=\"https:\/\/support.apple.com\/guide\/findmy-mac\/add-your-mac-fmme9fa362b3\/mac\" rel=\"noreferrer noopener\">Find My<\/a>&nbsp;in their iCloud configuration&nbsp;to enable Activation Lock. You can use a bypass code to get by the Activation Lock to unlock a device to recover the data, without having access to the user\u2019s Apple ID. You can also clear an Activation Lock.<\/p>\n\n\n\n<p>Here\u2019s how Activation Lock works:<\/p>\n\n\n\n<ul>\n<li><strong>IT Admin creates a policy<\/strong>&nbsp;&#8211; You create a JumpCloud policy that allows Activation Lock through MDM. An Allow Activation Lock policy does not enforce a set of rules, but simply allows Activation Lock on a user\u2019s device. See&nbsp;<a href=\"#allow-activation-lock\">Create a Policy to Allow Activation Lock<\/a>&nbsp;below.<\/li>\n\n\n\n<li><strong>User enables Activation Lock<\/strong>&nbsp;&#8211; When a user sets up Find My through an iCloud account and the IT Admin has allowed Activation Lock through a policy, then Activation Lock becomes enabled. The user\u2019s macOS or iOS device must have an Apple T2 security chip. See&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/users-enable-activation-lock\" target=\"_blank\" rel=\"noreferrer noopener\">Users: Enable Activation Lock<\/a>.&nbsp;Activation Lock can deter anyone from reactivating a device without the user\u2019s permission. The user must keep Find My turned on and remember the Apple ID and password.<\/li>\n\n\n\n<li><strong>IT Admin bypasses Activation Lock in an emergency<\/strong>&nbsp;&#8211; &nbsp;If an employee leaves the company and you no longer have access to the user\u2019s Apple ID, you can use a bypass code from MDM to get past the Activation Lock. If a user\u2019s managed macOS or iOS device is lost, you would ask the user to use the Find My app to locate the device. In the previous two scenarios, the user must have turned on Find My through the user\u2019s iCloud account to&nbsp;enable Activation Lock. If the device was stolen, you can simply erase the device.<\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card warning\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/warning-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Warning:<\/strong> \n<p>Occasionally, some devices running older versions of macOS will fail to erase. If the device cannot be erased, it will be locked.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p><strong>Prerequisites<\/strong>:<\/p>\n\n\n\n<ul>\n<li>Mobile Device Management (MDM) is configured for your organization. See&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/set-up-apple-mdm\" target=\"_blank\" rel=\"noreferrer noopener\">Set Up Apple MDM<\/a>.&nbsp;<\/li>\n\n\n\n<li>(Optional): Apple\u2019s Automated Device Enrollment (ADE) is configured for your organization. See&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/configure-ade\" target=\"_blank\" rel=\"noreferrer noopener\">Configure ADE<\/a>.<\/li>\n\n\n\n<li>The macOS or iOS managed device is enrolled in MDM and&nbsp;<strong>Supervised<\/strong>, either through Device Enrollment (DE) or Automated Device Enrollment (ADE). See&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/choose-an-mdm-enrollment-method\" target=\"_blank\" rel=\"noreferrer noopener\">Choose an MDM Enrollment Method<\/a>.<\/li>\n\n\n\n<li>Each device must meet these requirements to be eligible to enable Activation Lock:\n<ul>\n<li>If a macOS device, it must run&nbsp;<a target=\"_blank\" href=\"https:\/\/support.apple.com\/en-us\/HT201541\" rel=\"noreferrer noopener\">macOS Big Sur&nbsp;<\/a>or later.<\/li>\n\n\n\n<li>If an iOS device, it must run iOS 7.0 or later.<\/li>\n\n\n\n<li>If an iPadOS device, it must run iPadOS 13.0 or later.<\/li>\n\n\n\n<li>The device must use the&nbsp;<a target=\"_blank\" href=\"https:\/\/support.apple.com\/en-us\/HT208862\" rel=\"noreferrer noopener\">Apple T2 Security Chip<\/a>&nbsp;or Apple silicon.<\/li>\n\n\n\n<li>The user\u2019s Apple ID must have two-factor authentication enabled.<\/li>\n\n\n\n<li><a target=\"_blank\" href=\"https:\/\/support.apple.com\/en-us\/HT208198\" rel=\"noreferrer noopener\">Secure Boot<\/a>&nbsp;is enabled on its default setting (Full Security) with&nbsp;<strong>Disallow booting from external media selected<\/strong>&nbsp;under&nbsp;<strong>External Boot<\/strong>.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p><strong>Considerations<\/strong>:<\/p>\n\n\n\n<ul>\n<li>Devices enrolled via Automated Device Enrollment that have the Activation Lock policy applied to them will require the end-user to sign into an Apple ID via System Settings and toggle Find My to&nbsp;<strong>ON<\/strong>&nbsp;in order for \u201cclear activation lock\u201d and \u201cretrieve bypass code\u201d to work properly.<\/li>\n\n\n\n<li>For Device Enrolled devices where the Activation Lock policy was applied, and where Find My is not enabled yet, the end-user must sign into an Apple ID in System Settings and toggle Find My to&nbsp;<strong>ON&nbsp;<\/strong>in order for \u201cclear activation lock\u201d and \u201cretrieve bypass code\u201d to work properly.<\/li>\n\n\n\n<li>For Device Enrolled devices where the Activation Lock policy was applied, and Find My&nbsp;<strong>was already enabled prior to enrollment<\/strong>, then the end-user must go into the&nbsp;Apple ID Settings in System Settings and toggle Find My to&nbsp;<strong>OFF<\/strong>&nbsp;and then back&nbsp;<strong>ON<\/strong>&nbsp;in order for \u201cclear activation lock\u201d and \u201cretrieve bypass code\u201d to work properly.\n<ul>\n<li>This must be done so MDM can gain jurisdiction over Activation Lock.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Important<\/strong>: If an Admin clicks \u201cclear activation lock\u201d and an error message appears, then the Admin should verify&nbsp;locally on the device that the activation lock screen was actually cleared.\n<ul>\n<li>This is expected behavior if the activation had already been successfully cleared.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>\u200b\u200b\u200b\u200b\u200b\u200b\u200bUpon collection of a valid Activation Lock bypass code, the&nbsp;<strong>Clear Activation Lock<\/strong>&nbsp;button for the device will&nbsp;<strong>not<\/strong>&nbsp;function until Apple processes this code on their service. This may take several hours. The code may be used locally on the device during this time.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"allow-activation-lock\">Creating a Policy to Allow Activation Lock<\/h2>\n\n\n\n<p>You can create an Allow Activation Lock policy and apply it to a group of devices or a single device that will be allowed to enable Activation Lock.<\/p>\n\n\n\n<p><strong>To create a policy to allow Activation Lock<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the JumpCloud Admin Portal:&nbsp;<a target=\"_blank\" href=\"https:\/\/console.jumpcloud.com\/login\" rel=\"noreferrer noopener\">https:\/\/console.jumpcloud.com\/login<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>DEVICE MANAGEMENT &gt; Policy Management<\/strong>.<\/li>\n\n\n\n<li>Click (<strong>+<\/strong>). If your policy is for macOS devices, select&nbsp;<strong>Mac<\/strong>. If your policy is for iOS, select&nbsp;<strong>iOS<\/strong>.<\/li>\n\n\n\n<li>Locate the <strong>Allow Activation Lock<\/strong> policy, then click&nbsp;<strong>configure<\/strong>.<\/li>\n\n\n\n<li>(Optional) On the <strong>New Policy<\/strong> panel, enter a new, unique name for the policy or keep the default.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" width=\"1024\" height=\"568\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png\" alt=\"\" class=\"wp-image-83548\" style=\"width:800px\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-300x166.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-768x426.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy.png 1399w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>Only one Activation Lock policy is allowed.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ol start=\"6\">\n<li>Select the&nbsp;<strong>Device Groups<\/strong>&nbsp;tab, then select one or more device groups that will be affected by this policy. If you don\u2019t want to apply the policy to a device group, you can apply it to individual devices.<\/li>\n\n\n\n<li>Select the&nbsp;<strong>Devices<\/strong>&nbsp;tab, then select one or more devices that will be affected by this policy. If you don\u2019t want to apply a policy to an individual device, you can apply it to multiple devices in a device group.<\/li>\n\n\n\n<li>Click&nbsp;<strong>save<\/strong>.<\/li>\n\n\n\n<li>Click&nbsp;<strong>save<\/strong>&nbsp;again to confirm. The new policy appears on the Policies&nbsp;page in approximately one minute.<\/li>\n<\/ol>\n\n\n\n<p>The Allow Activation Lock policy&nbsp;takes effect immediately, and an Apple MDM command is sent to the device immediately or as soon as the device comes online again. After the Allow Activation Lock Policy is applied, user action is required to turn on Find My in order to enable Activation Lock for the device.&nbsp;<\/p>\n\n\n\n<p>This Apple MDM command allows Activation Lock on the device. If activation lock is already active on a device when this policy is applied, the Find My service must be deactivated by the user and then reactivated (toggled) for any collected override codes to be usable or for \u201cClear Activation Lock\u201d commands to function.<\/p>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>Removing the policy does not disable activation lock. However, if the policy is removed and the user then disables activation lock, the user will not be able to enable activation lock again.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>What\u2019s Next?<\/strong><\/h3>\n\n\n\n<p>After you create a policy to allow Activation Lock and the user turns on Find My in iCloud, Activation Lock is enabled. For user instructions, see&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/users-enable-activation-lock\" target=\"_blank\" rel=\"noreferrer noopener\">Users: Enable Activation Lock<\/a>. Users that have Managed Apple IDs cannot turn on Find My. See the&nbsp;<a href=\"https:\/\/support.apple.com\/guide\/apple-business-manager\/service-access-with-managed-apple-ids-apd435283f6b\/web\" target=\"_blank\" rel=\"noreferrer noopener\">Apple documentation<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Viewing Activation Lock Information<\/h2>\n\n\n\n<p>To view additional information related to the Activation Lock feature, perform the following steps:<\/p>\n\n\n\n<ol>\n<li>Log in to the JumpCloud Admin Portal:&nbsp;<a target=\"_blank\" href=\"https:\/\/console.jumpcloud.com\/login\" rel=\"noreferrer noopener\">https:\/\/console.jumpcloud.com\/login<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>DEVICE MANAGEMENT &gt; Devices<\/strong>.<\/li>\n\n\n\n<li>Select the device and select the&nbsp;<strong>MDM&nbsp;<\/strong>tab.<\/li>\n\n\n\n<li>Under Activation Lock Manageable, a value of&nbsp;<strong>yes&nbsp;<\/strong>indicates that this device is enrolled in MDM:<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p><strong>For macOS 11.x (Big Sur) and later &#8211;&nbsp;<\/strong>This device is enrolled in MDM (it doesn\u2019t matter how the device was enrolled in MDM).&nbsp;<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p>If a device is user-enrolled, then the Activation Lock Manageable field displays <strong>no<\/strong>. For more information about user enrollment, see&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/enroll-macos-devices-with-user-approval\" target=\"_blank\" rel=\"noreferrer noopener\">Enroll MacOS Devices with User Approval<\/a>.<\/p>\n\n\n\n<ol start=\"5\">\n<li>Under Activation Lock Allowed While Supervised,&nbsp;<strong>yes<\/strong>&nbsp;indicates that JumpCloud is applying the Activation Lock policy to allow Activation Lock for the device.&nbsp;<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>If you want to disable or prevent Activation Lock, you need to remove the policy from the device so that&nbsp;the Allow Activation Lock policy is no longer used.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p>For more information, see&nbsp;<a href=\"#allow-activation-lock\">Create a Policy to Allow Activation Lock<\/a>&nbsp;and&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/users-enable-activation-lock\" target=\"_blank\" rel=\"noreferrer noopener\">Users: Enable Activation Lock<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Retrieving a Bypass Code<\/h2>\n\n\n\n<p>MDM can provide a bypass code to clear an Activation Lock.&nbsp;<\/p>\n\n\n\n<p><strong>To retrieve a bypass code<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the JumpCloud Admin Portal:&nbsp;<a target=\"_blank\" href=\"https:\/\/console.jumpcloud.com\/login\" rel=\"noreferrer noopener\">https:\/\/console.jumpcloud.com\/login<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>DEVICE MANAGEMENT &gt; &nbsp;Devices<\/strong>.<\/li>\n\n\n\n<li>Select the device and select the&nbsp;<strong>MDM<\/strong>&nbsp;tab.<\/li>\n\n\n\n<li>Under\u00a0<strong>Activation Lock<\/strong>, determine if an MDM bypass code is available by clicking\u00a0<strong>retrieve bypass code<\/strong>. The bypass code and date\u00a0appear.<img decoding=\"async\" width=\"2136\" height=\"1498\" class=\"wp-image-107843\" style=\"width: 850px\" src=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMBypassCode.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMBypassCode.png 2136w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMBypassCode-300x210.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMBypassCode-1024x718.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMBypassCode-768x539.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMBypassCode-1536x1077.png 1536w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMBypassCode-2048x1436.png 2048w\" sizes=\"(max-width: 2136px) 100vw, 2136px\" \/>\n<ul>\n<li>If you already retrieved the bypass code but haven\u2019t yet used it, the code and its retrieval date are displayed.<\/li>\n\n\n\n<li>If the bypass code is not retrievable,&nbsp;<strong>Unavailable<\/strong>&nbsp;is displayed in this field.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<ul>\n<li>For macOS devices that were not enrolled with Automated Device Enrollment, you cannot get a bypass code. Consider upgrading to macOS 11 Big Sur or later. In some cases, a macOS 11.Big Sur and later device can have Find My turned on and Activation Lock enabled before the device is enrolled in MDM and you will not be able to retrieve a bypass code.<\/li>\n\n\n\n<li>For iOS devices that were not enrolled with Automated Device Enrollment, you cannot get a bypass code. Consider a supervised enrollment using Apple Configurator 2 to use this feature.<\/li>\n<\/ul>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ol start=\"5\">\n<li>Click&nbsp;<strong>Refresh<\/strong>&nbsp;to retrieve new information from the device. New data may not be available until the device is contacted again.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>Reloading the screen will always display the most recent data that was reported. Bypass codes and recovery keys should be secured and backed up regularly.&nbsp;<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Clearing Activation Lock<\/h2>\n\n\n\n<p>If you clear the Activation Lock, the macOS device no longer has Activation Lock enabled. Clearing the Activation Lock removes all Activation Lock protection for this device and lets you bypass the Activation Lock screen. If an employee enabled Activation Lock on a device and later left the company, you can disable Activation Lock so that you can reformat the device for a new employee.<\/p>\n\n\n\n<p><strong>To clear an activation lock<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the JumpCloud Admin Portal:&nbsp;<a target=\"_blank\" href=\"https:\/\/console.jumpcloud.com\/login\" rel=\"noreferrer noopener\">https:\/\/console.jumpcloud.com\/login<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>DEVICE MANAGEMENT &gt; &nbsp;Devices<\/strong>.<\/li>\n\n\n\n<li>Select the device and select the&nbsp;<strong>MDM<\/strong>&nbsp;tab.<\/li>\n\n\n\n<li>Under Activation Lock, click\u00a0<strong>clear activation lock<\/strong>\u00a0to return the device to a status of\u00a0<em>disabled<\/em>.<img decoding=\"async\" width=\"2136\" height=\"1498\" class=\"wp-image-107844\" style=\"width: 850px\" src=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMClearActivationLock.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMClearActivationLock.png 2136w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMClearActivationLock-300x210.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMClearActivationLock-1024x718.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMClearActivationLock-768x539.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMClearActivationLock-1536x1077.png 1536w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/06\/MacMDMClearActivationLock-2048x1436.png 2048w\" sizes=\"(max-width: 2136px) 100vw, 2136px\" \/><\/li>\n\n\n\n<li>In the dialog, confirm the action by clicking&nbsp;<strong>Clear Activation Lock<\/strong>. Activation Lock is no longer enabled and the button is grayed out.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>When the &#8220;Clear Activation Lock&#8221; button is clicked, the bypass code will be sent to Apple to clear the activation lock but the Status field will not change to &#8220;disabled.&#8221; Sending additional requests to clear the activation lock on a particular device may cause a failure message in JumpCloud as the activate lock may already be cleared on a device.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p>Changes may take several minutes to update on the device.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Troubleshooting<\/h2>\n\n\n\n<p>See <a href=\"https:\/\/jumpcloud.com\/support\/troubleshoot-macos-or-ios-activation-lock-policy\">Troubleshoot: macOS or iOS Activation Lock Policy<\/a>. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Activation Lock is a theft-deterrent feature that makes it difficult for anyone else to use your lost or stolen macOS [&hellip;]<\/p>\n","protected":false},"author":203,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2925,2852,2862],"support_tag":[],"coauthors":[2837],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Create a Mac or iOS Activation Lock Policy - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn to create a Mac or iOS Activation Lock Policy, which makes it difficult for anyone else to use your lost or stolen macOS or iOS device.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Create a Mac or iOS Activation Lock Policy\" \/>\n<meta property=\"og:description\" content=\"Learn to create a Mac or iOS Activation Lock Policy, which makes it difficult for anyone else to use your lost or stolen macOS or iOS device.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-26T17:13:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"9 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"derekpietras\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy\",\"url\":\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy\",\"name\":\"Create a Mac or iOS Activation Lock Policy - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png\",\"datePublished\":\"2023-06-05T17:11:04+00:00\",\"dateModified\":\"2024-03-26T17:13:23+00:00\",\"description\":\"Learn to create a Mac or iOS Activation Lock Policy, which makes it difficult for anyone else to use your lost or stolen macOS or iOS device.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Create a Mac or iOS Activation Lock Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Create a Mac or iOS Activation Lock Policy - JumpCloud","description":"Learn to create a Mac or iOS Activation Lock Policy, which makes it difficult for anyone else to use your lost or stolen macOS or iOS device.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy","og_locale":"en_US","og_type":"article","og_title":"Create a Mac or iOS Activation Lock Policy","og_description":"Learn to create a Mac or iOS Activation Lock Policy, which makes it difficult for anyone else to use your lost or stolen macOS or iOS device.","og_url":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy","og_site_name":"JumpCloud","article_modified_time":"2024-03-26T17:13:23+00:00","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"9 minutes","Written by":"derekpietras"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy","url":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy","name":"Create a Mac or iOS Activation Lock Policy - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png","datePublished":"2023-06-05T17:11:04+00:00","dateModified":"2024-03-26T17:13:23+00:00","description":"Learn to create a Mac or iOS Activation Lock Policy, which makes it difficult for anyone else to use your lost or stolen macOS or iOS device.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#primaryimage","url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png","contentUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/allow-activation-lock-policy-1024x568.png"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/create-a-mac-or-ios-activation-lock-policy#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Create a Mac or iOS Activation Lock Policy"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75488"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/203"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75488\/revisions"}],"predecessor-version":[{"id":107845,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75488\/revisions\/107845"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=75488"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=75488"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=75488"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=75488"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}