Skip to main content
Question

askForPassword value in com.apple.screensaver not showing

  • January 28, 2014
  • 4 replies
  • 25 views
C
Forum|alt.badge.img+10

On 10.9.1 has anybody else had an issue with the screensaver not accepting or respecting the settings to require a password on wake from sleep?

From the Apple documentation it looks like that is no longer supported in the config profiles. http://help.apple.com/profilemanager/mac/2.2/?lang=en-us#apd61DC0300-9361-470F-94BD-DA809DD7E7C5_1

Am I missing something? This was working on our systems, but now we can't get it to work in 10.9.1 at all!

Help.

I have tried via MCX, no luck.
I have tried with a config profile, no luck.

It just won't recognize it anymore.

    4 replies

    bentoms
    Forum|alt.badge.img+35
    • bentoms
    • Hall of Fame
    • January 28, 2014

    Seems to work for us via JAMF mcx.

    We use the "screensaver login window" MCX & set it to "user-level enforced".

    C
    Forum|alt.badge.img+10
    • ctangora
    • Author
    • Contributor
    • January 28, 2014

    Thanks for looking.

    Unfortunately we have that set and we don't see any results. Even looking in DSCL, Directory Utility and in the /Library/Managed Preferences, that setting just does not get applied.

    I'm going to re-image another machine and see if I can't get this to reproduce, or if I am dealing with a one-off issue.

    thanks again.

    -c

    W
    Forum|alt.badge.img+7
    • winningham_2
    • Contributor
    • January 29, 2014

    Configuration Profiles> Security and Privacy> General> [check] Require password after sleep or screen saver begins and distribute that out.

    However, this has worked for me, when ran as a login policy for every user (set ongoing just in case). NOTE: I am not script kiddy but rather just some sysMgr trying to make do. Please test first.

    #!/bin/bash -v
#
# MTH-ScreenLock -This script enforces screenlock on a per user basis.
# by Tim Winningham
# Orginal Version: 01-03-2014
# Modified Version: 01-08-2014

# JAMF reserves $3 for the username of the user logging in. So...
# Reset the parameter $3 to a new param named $userDir
userDir=`eval "echo ~$3"`

## Tell me what $userDir is
echo $userDir

## Now lets see if we can change this damn key
defaults write $userDir/Library/Preferences/com.apple.screensaver.plist askForPassword -int 1

## Next lets see if we can change the delay on the password
defaults write $userDir/Library/Preferences/com.apple.screensaver.plist askForPasswordDelay -int 5

exit $?

    I sure hope this helps and I really wish Apple wasn't such a PITA when it comes to basic security like screen saver and screen lock. Good luck
    Tim

    C
    Forum|alt.badge.img+10
    • ctangora
    • Author
    • Contributor
    • January 29, 2014

    So it turns out that the settings are working as MCX's. However, the MCX's are not being applied to the user. Only way to get it to work was to have the command...

    #!/bin/sh

currentuser="get current user in your preferred method."
jamf mcx -username $currentuser

    Separate issue from original message. will start a new thread.

    And thanks for the script and help. I was just about ready to do something like this until i was able to figure out it was a MCX applying issue!

    Terms & ConditionsCookie settingsAccessibility statement