If you dual-license your software in such a way that it requires a paid license for commercial use, here are two code blobs for you.
pub fn mdm_enrollment() -> eyre::Result<(bool, Option<String>)> {
let mut command = Command::new("/usr/bin/profiles");
command.args(["status", "-type", "enrollment"]);
let stdout = command.output()?.stdout;
let output = std::str::from_utf8(&stdout)?;
if output.contains("MDM enrollment: No") {
return Ok((false, None));
}
let mut server = None;
for line in output.lines() {
if line.starts_with("MDM server") {
server = Some(line.trim_start_matches("MDM server: ").to_string())
}
}
Ok((true, server))
}
Windows⌗
pub fn mdm_enrollment() -> eyre::Result<(bool, Option<String>)> {
let mut command = Command::new("dsregcmd");
command.args(["/status"]);
let stdout = command.output()?.stdout;
let output = std::str::from_utf8(&stdout)?;
if !output.contains("MdmUrl") {
return Ok((false, None));
}
let mut server = None;
for line in output.lines() {
if line.contains("MdmUrl") {
let line = line.trim().to_string();
server = Some(line.trim_start_matches("MdmUrl : ").to_string())
}
}
Ok((true, server))
}
Looking at mobile device management (MDM) enrollment is not a silver bullet for identifying corporate devices running your software, but it is a good start.
A productive next step would be to put together a list of known corporate MDM server URLs in a public repository to allow for more granular identification.
This is something anyone with a corporate device enrolled in MDM can contribute
to by running profiles status -type enrollment on macOS or dsregcmd /status
on Windows.
If you have any questions or comments you can reach out to me on Bluesky and Mastodon.
If you’re interested in what I read to come up with software like komorebi, you can subscribe to my Software Development RSS feed.
If you’d like to watch me writing code while explaining what I’m doing, you can also subscribe to my YouTube channel.
If you would like early access to komorebi for Mac, you can sponsor me on GitHub.