Help

Block security and privacy except...

Sobchak
Contributor

Posted on ‎02-12-2015 11:02 AM

The goal of this policy is to block Security & Privacy from all users except the local admin that we push to all computers.

Here is what I have tried

Configuration profile

Under General
category = none
Distribution Method = Install automatically
Level = User Level

Under Restrictions
Preferences = uncheck extensions and security & privacy

Under Scope
Target = add the computers we want to push the policy to
Exclusions = "local account name" LDAP/Local User

Doing this leaves the Configuration Profile status as pending.
If I switch from user level to computer level it blocks security and privacy for everyone (the exclusion does not work).

0 Kudos
Reply
1 REPLY 1

bvrooman
Valued Contributor

Posted on ‎02-12-2015 01:50 PM

The user-level restriction will be applied as soon as you log into a directory-based account or an MDM-enabled account on the machine in question. If you're not using directory-based accounts, there's a guide here about enabling your accounts for MDM.

0 Kudos
Reply