macOS: Safely installing Microsoft Intune
Microsoft Intune is a remote device management and supervision solution employed by some corporations.
The below instructions are written assuming macOS Catalina and APFS, the process is fairly similar for other setups.
- If your daily driver disk isn’t encrypted, go to System Preferences → Security & Privacy → FileVault and turn it on
- Boot into Recovery Mode by holding down
⌘Rduring the boot
- Open Disk Utility and create a new APFS encrypted volume
- Exit Disk Utility and choose Reinstall macOS
- NB! Be sure to install on the new volume you just created, or you risk losing all of your data
- Do not connect with iCloud because Intune reads your keychain
- Once the installation is done, reboot and log in to your blank macOS installation
- Upon boot, do not unlock your daily driver volume when prompted
- Install Intune as usual, perform enrolment and any other required actions
- Boot back into Recovery Mode, open Disk Utility, and delete the volume you created earlier
- Reboot into your daily driver and forget Intune