Help Center
14 DAY FREE TRIAL
Search Close Search
Search result for "aa"
View all results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Remote Actions
  3. Admin actions

Category filter

Triggering Remote Lost Mode for macOS

Jump To

The Lost Mode remote action for macOS is a critical security measure that locks a device remotely to prevent unauthorized data access. Once activated, it displays a custom recovery message and contact details on the screen, restricts user access, and can optionally track the device’s location.

Why Enable Lost Mode for macOS?

A misplaced or stolen laptop is a major security risk. Lost Mode ensures that corporate data remains protected by placing the device in a highly restricted state until an administrator lifts the lock.

  • Restricted State: Prevents any user from accessing the system until disabled by an administrator.
  • Custom Recovery Info: Displays contact details and recovery instructions to the finder.
  • Connectivity Support: Administrators can allow access to Wi-Fi settings so the device can reconnect to a network and sync with the MDM server.
  • Audit Trail: Admins receive email notifications whenever Lost Mode is enabled or disabled on an enrolled device.

Prerequisites and Conditions

To successfully initiate and manage Lost Mode, the following technical conditions must be met:

Requirement Specification
Connectivity The device must be connected to a stable internet connection.
Power State If the device is off, Lost Mode will activate once it is powered on and regains network access.
Management The device must be enrolled in the Hexnode UEM portal.

Step-by-Step Guide: Enabling Lost Mode

Follow these steps to secure a reported lost or stolen macOS device:

  1. Log in to the Hexnode portal.
  2. Navigate to Manage > Devices and select the target device.
  3. Click on Actions > Security > Enable Lost Mode.
  4. Configure the lock screen display:
    • Custom Message/Footnote: Enter instructions for the finder (supports wildcards).
    • Phone Number: Provide a contact number (supports the %phonenumber% wildcard).
  5. Optional Settings:
    • Allow Access to Wi-Fi Settings: Enables the user to connect to available networks while the device is locked.
    • Enable Location Tracking: Initiates reporting of the device’s coordinates while Lost Mode is active.
  6. Click Enable.

Supported Wildcards for Custom Messages

You can use the following wildcards to dynamically populate device-specific info on the lock screen: %devicename%, %deviceid%, %username%, %model%, %udid%, %assettag%, %serialnumber%, %name%, %department%, %imei%, %email%, %devicenotes%, %alternateemail%, %phonenumber%, %domain%, %osname%, %wifimacaddress%, %osversion%, %iccid%, %userprincipalname%, %netbiosname%, %newline%.

Tracking and Disabling Lost Mode

Tracking Device Location

To track a lost device, you must enable Enable Location Tracking during the Lost Mode configuration.

  • Location History: View logs under the Reports tab or the device’s specific Location History tab.
  • Real-time Scan: Execute the Scan Device Location action for immediate coordinates.

Disabling Lost Mode

The device remains restricted until the administrator manually removes the lock.

  1. Navigate to Manage > Devices and select the device.
  2. Select Actions > Security > Disable Lost Mode.
Note:


Disenrolling a device while in Lost Mode will disable the lock but will also remove all remote management capabilities.

Troubleshooting Guides

Problem Potential Cause Resolution
Action is “Pending” Device is offline or powered off. Ensure the device has internet access. If powered off, it will activate once turned on and connected.
Cannot fetch location Location Tracking was not enabled during setup. Location tracking only works if Enable Location Tracking was checked during the initial Lost Mode command.
Device cannot sync Lost Wi-Fi connection. Always enable Allow Access to Wi-Fi Settings to let the device reconnect to a network while locked.

Frequently Asked Questions (FAQs)

Can the user bypass Lost Mode by restarting the device?

No. The device remains in Lost Mode until the administrator disables it from the portal.

Why should Wi-Fi access be allowed during Lost Mode?

Allowing Wi-Fi access ensures the device can connect to a network to report its location and receive the command to disable Lost Mode.

Do wildcards work for the phone number field?

The phone number field only supports the %phonenumber% wildcard. Other wildcards are supported for the Custom Message and Footnote.

Need more help?
Image of Raise a Ticket Raise a Ticket
Image of Ask Community Ask Community
Image of Chat With us Chat With us
Remote Actions