Return to Service for iOS: A smarter way to switch MDMs

Ever tried switching mobile carriers without changing your phone? It’s doable, but you’ve got to jump through a few hoops. Cancel the old service, set up the new one, and hope your number transfers smoothly. Now consider doing that not for one phone, but for hundreds of iPhones and iPads across your company.

That’s what MDM migration feels like.

Until now, moving from one MDM to another meant collecting every device, wiping them manually, and praying nothing breaks in between. But Apple’s Return to Service feature in iOS/iPadOS changes the scene. It lets IT teams remotely reset and reassign devices to a new MDM with no cables, no physical touch, and no chaos.

Let’s break down how it works, what you need to make it happen, and what to do when it’s not the right fit.

What is Return to Service?

Return to Service is a workflow introduced by Apple in 2023 with iOS/iPadOS 17. It allows IT teams to remotely erase a device, reset it, and get it enrolled back into MDM—all without physically touching the device. Unlike the regular “Erase All Content and Settings” option, which just wipes the device, Return to Service adds automation. 

MDM can send an erase command, including Wi-Fi details and an optional MDM enrollment profile, so the device can erase all data and automatically proceed to the Home Screen, ready to be used. It connects the device to Wi-Fi, skips setup screens, and pushes it straight into enrollment, making it ideal for shared iPads in stores, meeting rooms, or field use.

Now, it’s also being used as a smart way to migrate devices from one MDM to another, with minimal disruption.

How Return to Service works in MDM migration

When you use Return to Service, here’s what happens:

1. The device is erased remotely.
2. After rebooting, it connects to the internet.
3. It contacts Apple’s activation servers to check its assigned MDM.
4. Based on the updated settings in Apple Business Manager (ABM), it automatically enrolls in the new MDM.

This means you can shift devices from one system to another just by sending a remote command. You don’t need to touch each iPhone or iPad manually.

Requirements to use Return to Service

Return to Service is powerful, but not every setup can use it. Here are the exact things you’ll need:

1. MDM support

Your current MDM must support the Return to Service command. Some MDMs allow you to send this directly, while others might require a custom command with specific data formatting.

2. Devices must be wiped

Return to Service wipes the device completely. That includes all personal and work data. This makes it ideal for shared devices, but it can be a blocker for individual-use phones or tablets unless users have backup systems in place.

3. iOS/iPadOS 17 or later

Devices must be running iOS 17 or iPadOS 17 or newer. Older versions don’t support Return to Service, so upgrading is a must.

4. Apple Business Manager enrollment

The devices must be listed in your Apple Business Manager account. If they’re not, you won’t be able to assign them to the new MDM through Apple’s servers.

5. Internet access after reset

The device needs to get online after being wiped to complete the re-enrollment. That means either:

• A Wi-Fi payload is pushed to the device as part of the Return to Service command.
• The device has a working cellular connection.

6. Activation lock turned off

Find My iPhone must be disabled, and Activation Lock needs to be off. Otherwise, the device will get stuck after the reset.

7. No Authentication required during enrollment

The device should automatically enroll without requiring user authentication. This means the device must be set up for a userless enrollment, ensuring that users aren’t prompted to sign in or approve settings during the setup process.

Challenges that can block Return to Service

1. Devices with personal data

If a device holds user data, like photos, contacts, or messages, users may be reluctant to wipe it. One workaround is to ensure personal data is synced via iCloud or other cloud services. But you should never restore from an iCloud backup after the wipe. Doing so can restore the old MDM profile and undo the migration.

2. Devices not on iOS/iPadOS 17

You won’t be able to use Return to Service on devices with older operating systems. Upgrade them first, or use one of the alternative methods we’ll talk about below.

3. Devices not in Apple Business Manager

Devices not in ABM won’t work with ADE (Automated Device Enrollment), which is required for Return to Service. You can use Apple Configurator to manually add them, or ask your reseller to submit devices on your behalf.

4. No network connection after reset

If a Wi-Fi profile hasn’t been pre-deployed, the device might not connect to Wi-Fi. If the device can’t connect to Wi-Fi or cellular after being wiped, it won’t be able to contact Apple’s servers, requiring a different migration approach.

MDM command for Return to Service

Some MDMs let you send custom MDM commands using XML format. If yours doesn’t directly support Return to Service, here’s an example of what the command might look like:

xml

<dict>
    <key>RequestType</key>
    <string>EraseDevice</string>
    <key>ReturnToService</key>
    <dict>
        <key>Enabled</key>
        <true/>
        <key>WiFiProfileData</key>
        <data>base64 encoded Wi-Fi profile data</data>
    </dict>
</dict>

You’d need to replace the Wi-Fi profile data with a properly encoded payload for your network.

Alternatives to Return to Service

1. Wipe and re-enroll (Without Return to Service)

This is the old-school method. You manually send a wipe command from your current MDM. After reset, the device reboots and enrolls into the new MDM via ADE.

Pros:

• Still uses Apple Business Manager and ADE.
• Works with supervised devices.

Cons:

• Someone must interact with the device after the wipe.
• Personal data is lost unless synced.
• Takes more effort at scale.

2. Replace devices with new ones

If Return to Service isn’t worth the trouble, consider giving users new, pre-enrolled devices. They can restore their personal data (including from iCloud backups), and you get full control with a new MDM from day one.

Pros:

• Smooth transition with new hardware.
• Devices are enrolled and locked into the new MDM.

Cons:

• High cost.
• Not always feasible for large fleets.

3. Manual profile removal and reinstallation

You can manually remove the old MDM profile and install a new one. This process can be done remotely or with user help.

Pros:

• No wipe required.
• Supervision status is retained.

Cons:

• The new MDM profile is removable.
• Risk of users removing the new profile and losing security or app settings.

Final thoughts: Is Return to Service worth it?

If your devices meet all the conditions, Return to Service is a clean and scalable way to migrate corporate-owned iPhones and iPads. It’s especially handy for devices that are already shared, enrolled in ABM, and don’t carry sensitive user data.

But the setup isn’t always simple. From OS versions and network access to activation lock issues, there are plenty of ways things can go sideways.

What about Scalefusion?

While Scalefusion doesn’t offer Return to Service specifically, it focuses on making device migration and management as smooth as possible, without adding layers of complexity.

From centralized policies and simplified ADE enrollment to intuitive dashboards and deep support for shared iOS/iPadOS environments, Scalefusion iOS device management helps you stay in charge, even during major transitions. 

If you’re planning a switch and want something reliable, straightforward, and easy to manage, Scalefusion has got you covered.