Config Profile to Fully Disable Airdrop Mac OS Big Sur

Matt_Roy93
Contributor

I am looking for a way to fully disable AirDrop for CIS standard security reasons on our Macs. The typical `defaults write com.apple.NetworkBrowser DisableAirDrop -bool YES` removes the option from Finder, but this option still lives in the Go menu and the CIS check continues to fail. Any ideas or special config profiles people have created?
1 ACCEPTED SOLUTION

boberito
Valued Contributor

You should be using a configuration profile to block airdrop. 

https://github.com/usnistgov/macos_security/blob/main/rules/os/os_airdrop_disable.yaml 

But also after disabling you may have to logout or restart in order to get rid of everything and fully disable it.


tlarkin
Honored Contributor

Yeah we block airdrop in the media restrictions and I think `sharingd` in the application firewall which is the bonjour process that Air Drop uses 

boberito
Valued Contributor

You should be using a configuration profile to block airdrop. 

https://github.com/usnistgov/macos_security/blob/main/rules/os/os_airdrop_disable.yaml 

But also after disabling you may have to logout or restart in order to get rid of everything and fully disable it.

Thank you for the link and info.

How do the YAML files in the link you provided work with Jamf? I hope you can help me answer. Thank you very much

user-nrEKyEeSDZ
New Contributor

Can you please provide Bash script

Hi, hello.
Thank you very much for your reply. I have tested using scripts or commands. The restart does not take effect. Of course it is because my equipment is controlled by Jamf. There is mutual exclusion in the restricted type of load. I refer to the Manual of Apple Platform Deployment, and the function of user description file push is normal. But be aware of the problem of being mutually exclusive in the same scope and payload type. So far I have solved this problem. This is done according to the Apple manual. https://support.apple.com/zh-cn/guide/deployment/dep01d95140c/1/web/1.0

Matt_Roy93
Contributor

Here is the script to disable Airdrop, "defaults write com.apple.NetworkBrowser DisableAirDrop -bool YES" It does require user logout, login or reboot.  Also FYI the config profile method is the best practice way of disabling this.

nachiket_s
New Contributor III

Try executing "killall Finder" command after you execute  "defaults write com.apple.NetworkBrowser DisableAirDrop -bool YES" command.

It's working for me and I no longer see AirDrop in the Go menu, and if you try to access it from Spotlight then it will show the following error: The operation can't be completed because the item can't be found.

If you want to re-enable it, do the same process but with NO syntax in the defaults write command.

s_patang
New Contributor II

Hi @nachiket_s, thank you for your input. I can't get AirDrop to disable for the life of me. Can you clarify exactly where I put "defaults write com.apple.NetworkBrowser DisableAirDrop -bool YES"?

Is this supposed to be added to a configuration profile, or do I create a policy? If you can assist with the steps you took, that would be amazing!

nachiket_s
New Contributor III

This is my method, which is working seamlessly for me. Other users can try their own methods as well.

1) New MacBooks without AirDrop enabled already - Created a configuration profile to disable the AirDrop button on all systems in inventory.

2) For existing MacBooks where AirDrop shortcuts are already present in the Finder - Pushed the above profile to existing enrolled systems as well, and created a smart group which detects the presence of the above-mentioned configuration profile, and scoped this group with the attached script to disable AirDrop completely and kill the Finder process to remove the shortcuts.

3) Ask the user to log out and log in again.

I have found that step 3 is necessary, otherwise users can still access AirDrop from Finder shortcuts or Spotlight.

 

 

 

#!/bin/sh
## postinstall

# Disable AirDrop for the user this script runs as, then restart Finder
# so the existing AirDrop shortcuts are removed.
defaults write com.apple.NetworkBrowser DisableAirDrop -bool YES
killall Finder

 

 

 

Sanchi
Contributor

This code as a custom payload in a Config Profile will do it.  Set the domain to: com.apple.applicationaccess

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>allowAirDrop</key>
	<false/>
</dict>
</plist>


Set to "true" if you want to turn it on. 
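
One way to confirm that an exported, unsigned .mobileconfig really carries this restriction before it is scoped, as an added example that is not part of the original post. It goes beyond the post by also recognising the key when it is wrapped in a `com.apple.ManagedClient.preferences` custom-settings payload; the sample profiles and their identifiers are constructed placeholders.

```python
import plistlib

DOMAIN = "com.apple.applicationaccess"   # domain named in the post above
KEY = "allowAirDrop"
MCX_TYPE = "com.apple.ManagedClient.preferences"

def airdrop_values(profile_bytes):
    """Return every allowAirDrop value set by an unsigned .mobileconfig."""
    profile = plistlib.loads(profile_bytes)
    found = []
    for payload in profile.get("PayloadContent", []):
        ptype = payload.get("PayloadType")
        if ptype == DOMAIN and KEY in payload:
            # Restrictions payload: the key sits directly in the payload.
            found.append(payload[KEY])
        elif ptype == MCX_TYPE:
            # Custom settings: domain -> Forced -> mcx_preference_settings.
            domain = payload.get("PayloadContent", {}).get(DOMAIN, {})
            for entry in domain.get("Forced", []):
                settings = entry.get("mcx_preference_settings", {})
                if KEY in settings:
                    found.append(settings[KEY])
    return found

def airdrop_status(profile_bytes):
    values = airdrop_values(profile_bytes)
    if not values:
        return "not managed"
    if all(v is False for v in values):
        return "disabled"
    # Mixed values are flagged for review rather than resolved here.
    return "allowed" if all(v is True for v in values) else "conflicting"

def _profile(*payloads):
    # Constructed sample profile; identifiers are placeholders.
    return plistlib.dumps({
        "PayloadType": "Configuration", "PayloadVersion": 1,
        "PayloadIdentifier": "com.example.constructed",
        "PayloadUUID": "00000000-0000-0000-0000-000000000000",
        "PayloadContent": list(payloads)})

RESTRICTIONS = _profile({"PayloadType": DOMAIN, KEY: False})
CUSTOM = _profile({"PayloadType": MCX_TYPE, "PayloadContent": {
    DOMAIN: {"Forced": [{"mcx_preference_settings": {KEY: False}}]}}})
ENABLED = _profile({"PayloadType": DOMAIN, KEY: True})
MIXED = _profile({"PayloadType": DOMAIN, KEY: False},
                 {"PayloadType": DOMAIN, KEY: True})
UNRELATED = _profile({"PayloadType": "com.apple.wifi.managed"})
```

A profile that reports "not managed" or "conflicting" is worth fixing before relying on it for the CIS check mentioned in the original question.
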

jlombardo
Contributor

Has anyone found a good way to write an Extension Attribute to let someone know if Airdrop is enabled or disabled?  I am having issues finding the plist I can parse that information

jagir001
New Contributor

Is anyone aware of any script that can be added as a payload, or other alternative, to disable receiving within AirDrop? Our org is trying to implement a send-only policy, but to my knowledge this does not exist outside of individual AirDrop settings.