Jamf Nation Community

Thanks for looking.

Unfortunately we have that set and we don't see any results. Even looking in DSCL, Directory Utility and in the /Library/Managed Preferences, that setting just does not get applied.

I'm going to re-image another machine and see if I can't get this to reproduce, or if I am dealing with a one-off issue.

thanks again.

-c

Configuration Profiles> Security and Privacy> General> [check] Require password after sleep or screen saver begins and distribute that out.

However, this has worked for me, when ran as a login policy for every user (set ongoing just in case). NOTE: I am not script kiddy but rather just some sysMgr trying to make do. Please test first.

#!/bin/bash -v
#
# MTH-ScreenLock -This script enforces screenlock on a per user basis.
# by Tim Winningham
# Orginal Version: 01-03-2014
# Modified Version: 01-08-2014

# JAMF reserves $3 for the username of the user logging in. So...
# Reset the parameter $3 to a new param named $userDir
userDir=`eval "echo ~$3"`

## Tell me what $userDir is
echo $userDir

## Now lets see if we can change this damn key
defaults write $userDir/Library/Preferences/com.apple.screensaver.plist askForPassword -int 1

## Next lets see if we can change the delay on the password
defaults write $userDir/Library/Preferences/com.apple.screensaver.plist askForPasswordDelay -int 5

exit $?

I sure hope this helps and I really wish Apple wasn't such a PITA when it comes to basic security like screen saver and screen lock. Good luck
Tim

So it turns out that the settings are working as MCX's. However, the MCX's are not being applied to the user. Only way to get it to work was to have the command...

#!/bin/sh

currentuser="get current user in your preferred method."
jamf mcx -username $currentuser

Separate issue from original message. will start a new thread.

And thanks for the script and help. I was just about ready to do something like this until i was able to figure out it was a MCX applying issue!