We use a profile to disable gatekeeper. This was working fine in Mavericks, but machines upgrading to Yosemite now find the value reset to "Mac App Store and identified developers". I see the profile for both versions has a com.apple.systempolicy.control payload set with AllowIdentifiedDevelopers=1 and EnableAssessment=0, but I'm not sure if EnableAssessment=0 means disable it. Even if it does Yosemite seems to be ignoring it.
Has anyone else run across this and figured out a solution? What should be set in a profile to disable Gatekeeper?
