Big Sur Screen Sharing via ARD

dtmille2
Contributor III

It looks like Big Sur breaks ARD screen sharing with Macs that already have it enabled. Anyone else seeing that, and know a way to reenable it if you are remote and can't screen share on a Mac via ARD anymore because of a Big Sur upgrade?

12 REPLIES 12

mikeo
New Contributor III

I have seen the same thing, but don't have a fix. I had a system that had ARD working fine in Catalina and after the upgrade to Big Sur I can't connect graphically. I can transfer files and use UNIX commands via ARD, but I can't make a GUI connection to the machine. I've tried various kickstart commands with no success.

dtmille2
Contributor III

That's my experience too @mikeo, although I do have one Mac that I upgraded where I AM able to screen share via ARD, but so far it seems like the exception. I haven't yet been able to figure out what is different about this particular Mac that is allowing it to do so.

PaulHazelden
Valued Contributor

Is it a security permissions thing. I know Apple are tightening up on allowing remote access to Macs without User permissions.
How have you set the access for Remote Desktop?
In Jamf find the Mac and in the Management tab is it set to enable or disable Remote Desktop?
I currently set my Catalina Remote Desktop access via script, but that is only allowed because the Mac is under MDM management. I have not yet had the pleasure of Big Sur, so I am only offering suggestions.
Or is it a requirement for a PPPC setup for screen sharing for ARD?

dtmille2
Contributor III

It was enabled on with an ARD kickstart script. Macs were on 10.15, worked fine, but screen sharing stopped working after Big Sur upgrade. I have a support ticket open with Jamf now. They said they have other cases reporting this as well.

mikeo
New Contributor III

It could be something that changed from Catalina to Big Sur @PaulHazelden , but it's not documented anywhere that I can find.

I previously setup ARD access in Catalina by allowing a local admin user to have full Remote Management access in System Preferences/Sharing. I also have a PPPC setup, similar to jared_f's 5/11/2019 comment here: https://www.jamf.com/jamf-nation/discussions/29233/enable-remote-management-full-control-in-mojave#responseChild184447 .

Please keep us posted with what JAMF says @dtmille2 . I'm going to be talking to our Apple SE soon and I'll ask him about this issue when we talk.

dlondon
Valued Contributor

@dtmille2 - I'll try and check but you could too. Look at the output of that script on Catalina. I haven't had a chance to follow that rabbit but I remember seeing some output from it saying it wouldn't work in future versions of the OS

dtmille2
Contributor III

I've resolved this issue today.

I've determined that in Big Sur, the following setting needs to be configured in a Restrictions configuration profile. This was not required in Catalina, but is required for Big Sur Macs:

"Allow AirPlay, View Screen by Classroom, and Screen Sharing (macOS 10.14.4 or later, enrolled via a PreStage enrollment)"
bb64718548654277801bf836af49018f

mikeo
New Contributor III

I stumped the Apple Engineer with this one, but probably because it was a new MDM setting in JAMF. Thanks @dtmille2 , that did the trick!

user-GORqGytjlr
New Contributor

sorry for the newbie question, dtmille2, but where can I find the Restrictions configuration profile? thx

mikeo
New Contributor III

@user-GORqGytjlr , click on the Restrictions payload in your configuration profile then the Functionality tab. You'll see the screen above there.

user-cXCFMPrpub
New Contributor

Can I do this via Terminal to a remote MacMini? I don't have local access.

mhegge
Contributor III

I am experiencing issue with 11.4 machines. They do not even appear to be scannable by ARD. I briefly had access, but that went away. I am reviewing Config Profiles but I am not seeing the same issues with 11.3.1 devices.