I need help with standard user elevation as user should be able to forget the Wi-Fi networks as they required. in my case if it asks for admin credentials to forget the network.
is there any privilege management feature in jamf?
Page 1 / 1
good question, this is more then likely possible, by granting the rights with the security framework:
examples are as follows:
authorizationdb read right-name
authorizationdb write right-name [allow|deny|rulename]
authorizationdb remove right-name
Read/Modify authorization policy database. Without a rulename write will read a dictionary as a
plist from stdin.
Examples
security> security authorizationdb read system.privilege.admin > /tmp/aewp-def
Read definition of system.privilege.admin right.
security> security authorizationdb write system.preferences < /tmp/aewp-def
Set system.preferences to definition of system.privilege.admin right.
security> security authorizationdb write system.preferences authenticate-admin
Every change to preferences requires an Admin user to authenticate.
You need admin access to remove Wi-Fi networks as it impacts all users. Its dumb, but how Apple does things. Try giving everyone access to modify the items below and see if that helps.
#!/bin/bash
echo allowing everyone to write to network and wifi services
/usr/bin/security authorizationdb write system.preferences.network allow
/usr/bin/security authorizationdb write system.services.systemconfiguration.network allow
/usr/bin/security authorizationdb write com.apple.wifi allow
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.