Posted on 09-09-2021 01:30 PM
We've disabled all iCloud settings for all Macs.
Restrictions > Functionality > All Allow ICloud are unchecked.
On the Mac we're still seeing access to Photos. How is Photos access disabled?
Solved! Go to Solution.
Posted on 09-10-2021 07:31 AM
From what I can tell, Jamf hasn't implemented the MDM payload to restrict iCloud photos in their Pro product yet, although it is listed as an available restriction in their Jamf Now documentation. There are two feature requests to add this functionality, which you could upvote:
Add allowCloudPhotoLibrary into your restrictions section
Missing MDM payload: allowCloudPhotoLibrary
Both feature request pages list a custom setting payload, which you could try (untested by me):
<dict>
<key>PayloadDescription</key>
<string>Configures restrictions</string>
<key>PayloadDisplayName</key>
<string>Restrictions</string>
<key>PayloadIdentifier</key>
<string>com.apple.applicationaccess</string>
<key>PayloadOrganization</key>
<string>Jimmy Swings</string>
<key>PayloadType</key>
<string>com.apple.applicationaccess</string>
<key>PayloadUUID</key>
<string></string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>allowCloudPhotoLibrary</key>
<false/>
</dict>
Posted on 09-09-2021 01:32 PM
If you don't need the photos app, you could try blocking it from running in the restricted software section of Jamf.
Posted on 09-09-2021 01:46 PM
Would like to use Photos to manage and edit the photos on the Mac. Just do not want Photos to talk to iCloud.
Posted on 09-10-2021 07:31 AM
From what I can tell, Jamf hasn't implemented the MDM payload to restrict iCloud photos in their Pro product yet, although it is listed as an available restriction in their Jamf Now documentation. There are two feature requests to add this functionality, which you could upvote:
Add allowCloudPhotoLibrary into your restrictions section
Missing MDM payload: allowCloudPhotoLibrary
Both feature request pages list a custom setting payload, which you could try (untested by me):
<dict>
<key>PayloadDescription</key>
<string>Configures restrictions</string>
<key>PayloadDisplayName</key>
<string>Restrictions</string>
<key>PayloadIdentifier</key>
<string>com.apple.applicationaccess</string>
<key>PayloadOrganization</key>
<string>Jimmy Swings</string>
<key>PayloadType</key>
<string>com.apple.applicationaccess</string>
<key>PayloadUUID</key>
<string></string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>allowCloudPhotoLibrary</key>
<false/>
</dict>
Posted on 09-11-2021 06:28 AM
The MDM payload for disabling photos is broken and has been for many major versions of the system(maybe as far back as 10.13). Despite endless feedback and enterprise tickets this has never been resolved.
I want to say it may be fixed in Monterey but it regresses every so often so who knows.
Posted on 10-22-2021 07:09 PM
Wanted to see what Jamf had to say on this issue too. Here's is their answer,
Currently Jamf Pro doesn't natively have this setting. It also looks like Apple does have an issue with the key "allowCloudPhotoLibrary = False" as well. Apple is working to have this fixed with macOS Monterey. In their testing with beta 7 its working. On Jamf's side I'm not sure when this will be added as a restriction.
Posted on 07-17-2022 06:04 PM
Hello,
Any official news with this issue?
Thank you!