I have the same issue … the mdm is not an authorized mdm ! This is my personal phone And iPad ! when they say don’t look at analytics its because they are clueless … since when an iPhone or iPad use architecture ARM64e ! they use arm64 … last time an iPhone was using the architecture arm64e was iPhone XS and XR ! so hello apple ! Please fix this sh and do not allow or maybe create a configuration button that will allow users to see if there is an mdm or not and not allowing the option on file provider to hide the profile on end user ! if that is done than transparency will apply then less hacking done ! Hackers are using your tools created by you apple and you are only looking at one side of the coin ! Fileprovider installed on apple devices need to be transparent and not allowing it to be hidden as clearly you can see from my below attachment ! you create great product and services - but need to also lookout for the benefits of your end users and not only enterprise benefit . I have an UNAUTHORIZED MDM INSTALLED ON MY IPHONE AND IPAD AND ON MY PERSONAL ACCOUNTS …INCLUDING BANKS! I created so many cases for apple to review and all came with “ everything works good you have no issue “ are you kidding me ? my bank account was closed without my consent ! and was accessed remotely bypassing security tokens using tunnel extensions “apple product” again … it’s like you are making the life of the hackers easier by the day by not looking at the coin on both sides ! here is a screenshot of my bank account being accessed without any security tokens ! 1- I do not see any profiles in my vpn and device management 2- the limitation in my Setup and configuration 3- in the feedback analytics it shows a fileproviderctl active as you can see here : Local device UUID: 5B7894CF-2AB1-4B2E-BDAA-468E794A1440 Messaging Protocol Version: 6 Product Type: iPad13,19 OS Build: 18.3.1 (22D72) Properties: { AppleInternal => false CPUArchitecture => arm64e ChipID => 33025 EffectiveProductionStatusSEP => true EthernetMacAddress => bc:bb:58:21:e9:69 HWModel => J272AP HasSEP => true HumanReadableProductVersionString => 18.3.1 ThinningProductType => iPad13,19 IsUIBuild => true RegionInfo => LL/A RestoreLongVersion => 22.4.72.0.0,0 DeviceSupportsLockdown => true EffectiveSecurityModeAp => true SigningFuse => true SupplementalBuildVersion => 22D72 BuildVersion => 22D72 OSVersion => 18.3.1 SensitivePropertiesVisible => true Image4CryptoHashMethod => sha2-384 MobileDeviceMinimumVersion => 1754 ProductName => iPhone OS ProductType => iPad13,19 SerialNumber => DJ267XQ41Q BootSessionUUID => 013A298B-C978-42F1-BA02-38008DDD45F8 BoardId => 22 DeviceColor => 1 EffectiveProductionStatusAp => true EffectiveSecurityModeSEP => true StoreDemoMode => false UniqueChipID => 1500335932153886 UniqueDeviceID => 00008101-0005548C2E47A01E OSInstallEnvironment => false RemoteXPCVersionFlags => 72057594037927942 CertificateProductionStatus => true CertificateSecurityMode => true DeviceClass => iPad DeviceEnclosureColor => 2 ModelNumber => MQ6K3 RegionCode => LL SecurityDomain => 1 HardwarePlatform => t8101 Image4Supported => true IsVirtualDevice => false } Services: com.apple.internal.devicecompute.CoreDeviceProxy com.apple.remote.installcoordination_proxy com.apple.mobile.lockdown.remote.untrusted com.apple.mobile.notification_proxy.remote com.apple.atc2.shim.remote com.apple.RestoreRemoteServices.restoreserviced com.apple.internal.dt.coredevice.untrusted.tunnelservice com.apple.afc.shim.remote com.apple.pcapd.shim.remote com.apple.PurpleReverseProxy.Ctrl.shim.remote com.apple.mobilebackup2.shim.remote com.apple.preboardservice_v2.shim.remote com.apple.PurpleReverseProxy.Conn.shim.remote com.apple.accessibility.axAuditDaemon.remoteserver.shim.remote com.apple.atc.shim.remote com.apple.mobile.assertion_agent.shim.remote com.apple.dt.remotepairingdeviced.lockdown.shim.remote com.apple.carkit.service.shim.remote com.apple.webinspector.shim.remote com.apple.mobile.insecure_notification_proxy.shim.remote com.apple.amfi.lockdown.shim.remote com.apple.os_trace_relay.shim.remote com.apple.internal.devicecompute.CoreDeviceProxy.shim.remote com.apple.backgroundassets.lockdownservice.shim.remote com.apple.misagent.shim.remote com.apple.mobile.file_relay.shim.remote com.apple.dt.remoteFetchSymbols com.apple.sysdiagnose.remote.trusted com.apple.fusion.remote.service com.apple.mobile.insecure_notification_proxy.remote com.apple.mobile.lockdown.remote.trusted com.apple.mobile.storage_mounter_proxy.bridge com.apple.corecaptured.remoteservice com.apple.osanalytics.logTransfer com.apple.syslog_relay.shim.remote com.apple.crashreportmover.shim.remote com.apple.commcenter.mobile-helper-cbupdateservice.shim.remote com.apple.mobile.MCInstall.shim.remote com.apple.preboardservice.shim.remote com.apple.GPUTools.MobileService.shim.remote com.apple.mobile.mobile_image_mounter.shim.remote com.apple.mobile.installation_proxy.shim.remote com.apple.bluetooth.BTPacketLogger.shim.remote com.apple.crashreportcopymobile.shim.remote com.apple.mobile.diagnostics_relay.shim.remote com.apple.mobile.house_arrest.shim.remote com.apple.mobileactivationd.shim.remote com.apple.mobile.notification_proxy.shim.remote com.apple.mobilesync.shim.remote com.apple.idamd.shim.remote com.apple.companion_proxy.shim.remote com.apple.streaming_zip_conduit.shim.remote com.apple.mobile.heartbeat.shim.remote com.apple.springboardservices.shim.remote com.apple.iosdiagnostics.relay.shim.remote com.apple.sysdiagnose.remote com.apple.security.cryptexd.remote Identity: Public key SHA256: bLdupfiK7oLuUlHEKkgsS1674lcvP9mUFH3qaVuIEYk= In addition you can see that the file provider is rooting my personal accounts from google , to iCloud, to my Microsoft account to one drive , x drive everything. ! here is the other file provider dumplog Date/Time: 2025-02-14 20:53:27 +0000, (761259207.603374) OS Version: 22D72 FP Version: 2732.80.49 uid: 501 5 providers com.apple.CloudDocs.iCloudDriveFileProvider com.apple.filesystems.UserFS.FileProvider com.apple.SMBClientProvider.FileProvider com.apple.FileProvider.LocalStorage com.apple.mobileslideshow.PhotosFileProvider Volume: /p{5}e/v{1}r/m{4}e == == CloudStorage xattrs == == FileProvider xattrs == LegacyEnabledStateHasBeenMigrated com.apple.TextEncoding: utf-8;134217984