Help

Access Denied to Clients on Apple Remote Desktop

christinehunt1
New Contributor

Posted on ‎08-21-2015 12:07 PM

After adding all of my clients to the JSS, I now receive the "access denied" message for these same clients in Apple Remote Desktop. Any ideas?

0 Kudos
9 REPLIES 9

davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎08-21-2015 12:10 PM

The only restriction that can be automatically applied after enrollment is SSH. This is an option you select when creating quickadd packages, imaging configurations or using recon.

If ARD access is being changed when the Mac enrols, there is likely a script, policy or config profile that is changing it.

0 Kudos

christinehunt1
New Contributor

Posted on ‎08-21-2015 12:27 PM

Is there a script that can change it back? :-)

0 Kudos

davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎08-21-2015 12:49 PM

You can use these two commands to set it how you need it:

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -allowAccessFor -specifiedUsers
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -access -on -users username -privs -all

Just replace username with the short name of the user that should have access.

0 Kudos

Aziz
Valued Contributor

Posted on ‎08-21-2015 12:50 PM

@christinehunt1

Try this

#!/bin/sh

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -users ACCOUNTUSERNAMEHERE -access -on -privs -all -restart
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -allowAccessFor -specifiedUsers -restart

edit:

@davidacland beat me to it

0 Kudos

rtrouton
Release Candidate Programs Tester

Posted on ‎08-21-2015 12:52 PM

You can also have Apple Remote Desktop provide the needed kickstart commands:

https://derflounder.wordpress.com/2013/03/07/using-apple-remote-desktop-admin-to-help-script-ard-kic...

0 Kudos

htse
Contributor III

Posted on ‎08-21-2015 01:09 PM

the enrolled system probably had their Screen Sharing service reconfigured to comply with whatever has been set for use with Casper Remote, and took out anything previously set for Remote Management.

0 Kudos

christinehunt1
New Contributor

Posted on ‎08-24-2015 10:46 AM

Thanks for the scripts. Do I run both of them?

0 Kudos

davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎08-24-2015 10:52 AM

Just one or the other should do it.

0 Kudos

christinehunt1
New Contributor

Posted on ‎08-24-2015 11:07 AM

Thanks. I'll give it a whirl.

0 Kudos