Some time ago, I posted the difficulties I had getting a bunch of school computers to work. Every summer, I collect all of the MacBooks, wipe them, and upgrade the operating system if necessary for the next year. Last year, I ran into Apple's little security measure that doesn't allow people to boot from external USB media without the express written permission from the Commissioner of Baseball. (Protecting people from themselves.) Most of the time, I just reload the operating system from the recovery partition. Occasionally, it becomes necessary to boot from a USB key and reinstall (or upgrade) the operating system. This time around, I had a small problem with our MDM. Instead of erasing the devices and resetting them back to a clean OS as expected, it wiped everything. All drives, all containers, everything. Including the Recovery Partition and the firmware. I promise I will never try the "Erase" option again.
Every time I tried to boot from a USB installer, I either got nothing at all (the Mac had no firmware anymore) or a message that said the administrator had not allowed me to use external media. There's no operating system on the computer, so there's no administrator to approve anything. At least I had a workaround for those systems - boot to Internet Recovery and run the installer from the USB key manually (otherwise, Recovery tried to install macOS Catalina. Um... no.) Systems that had no firmware had to be revived using Apple Configurator. These brand-new wizzbang T2 and M1 MacBook Airs work like iPads now, but good fucking luck trying to make a restore work like an iPad. As with most things on Google, it's not difficult to find four different answers to a question, and all of those answers are wrong. Hell, even Apple's support page didn't work. All I wanted to know was what buttons I hit to put it in DFU mode so I could restore it. You'd think I was asking for the cure for cancer or something. Unfortunately, there were other things going on, and I wasn't sure if any of them were actually affecting what I was trying to do. It's possible to get an error message that does not prevent you from completing a task. For example, whenever I connected two MacBooks, the one in control would give me an error message saying I couldn't connect a Thunderbolt device. A Google search on that error message said I wasn't using the right cable. One article said I could use the USB cable that came with the Mac, but another article said no, you can't use that one. I never found out the answer to that because it didn't seem like the error message mattered. After several tries, I finally managed to get it into DFU mode (spoiler alert: the instructions were wrong), and then I had to figure out which menu option I needed. You have the option to revive the system (which does something,) and then there's an option to restore the system (which does something much worse.) I tried restore first because it would replace the firmware and reload the operating system, which at this point was necessary because I had an expensive doorstop on my desk. As you may have already guessed, restore did not work. First I was getting the Thunderbolt cable error, then I was getting this constant barrage of permission prompts asking if it was really okay to connect the device that I had already connected 12 other times (because apparently Apple does not trust an IT professional to know what he is doing.) Since I needed three hands to hold down all the buttons on the dead Mac, I'm not sure how I was supposed to hit the "okay sure" button, but eventually, it would fail and go away. After several attempts and finally giving up, I figured out a workflow that works. Connect everything together, put it in DFU mode, then revive it. This got it to a point where I was able to boot it to Internet Recovery. Once the recovery menu had loaded, I could use Disk Utility to put a new volume on it (since that had been nuked.) I could then use Terminal and manually load the Ventura installer from the USB key that I was not allowed to boot from because Apple said so. Half an hour later, I had a MacBook running macOS. Not bad for two days' work.
Since writing this, I have found an app called DFU Blaster. Connect it to a Mac and put it into DFU mode with the click of a button. Cool utility when it works.