Jamf Nation Community

DaMacGuy · ‎09-27-2023

In Sonma the default behavior when you click on the Desktop is to show Stage Manager. This is going to cause a lot of calls to our help desk. I'm writing a KB article for them, but a Config Profile to change the setting from the default "Always" to "Only in Stage Manager" would help, a lot. Never created a custom profile before but I'm looking through documents now. Anyone already done this though? or faster at it than I? We probably won't be deploying until end of the month at the earliest (Netskope won't have a compatible release for at least another 2-3 weeks).

-Chris

efil4xiN · ‎09-27-2023

Have you seen Rich's write up?

View solution in original post

efil4xiN · ‎09-27-2023

Have you seen Rich's write up?

DaMacGuy · ‎09-27-2023

Of course @rtrouton has the answer already. I wish he had a Patreon page or something. LOL I'd send a buck *or 5) every time he's answered my question before I had it. ;-)

-Chris

marlink · ‎01-09-2024

For anyone searching for this later (like I just did), look for Rich's post from September 26, 2023 -- or the link below should take you directly to it:

https://derflounder.wordpress.com/2023/09/26/managing-the-click-wallpaper-to-reveal-desktop-setting-...

iamYaje · ‎01-29-2024

Much appreciated!

malevy · ‎02-02-2024

Having trouble with getting this up and running. Added the XML and the domain of - com.apple.WindowManager to a custom profile. Scoped to device, log shows it completed. Restarted device but click to reveal desktop still turned on. Must be missing something on my end

iamYaje · ‎02-02-2024

I recommend accessing the link posted by Marlink above, and going to the September 26th post. There, a custom configuration profile (.mobileconfig) is linked, that contains the XML of the requisite .plist, and can be downloaded, signed, and then uploaded to your site as a configuration profile.

FYI, In reviewing the XML of the .mobileconfig that was shared in the link, it looks to me like it may have been created using a tool like mcxtoprofile.

malevy · ‎02-02-2024

Thanks but I still am somewhat confused (sorry, new to Mac administration).

I took the XML from here and pasted that into the plist and put com.apple.WindowManager as the domain. I restarted the device (as I can see the comments on his original post mention that it's needed. It still is not disabling the feature. Profile log comes back as completed even though it's not disabled

iamYaje · ‎02-02-2024

From that page you linked, click the dots in the top-right corner, click on file, and hit the download button to grab the .mobileconfig file. That file can be opened in an editor like BBEdit. There you can alter the payload as needed (see key-value pairs like "company name") and you can save it as a .mobileconfig. Then you can create a signing certificate using the MacOS Keychain App (you can look up how to do that, I think you'd want a code signing signature). Signing the profile ensures that it is processed "as-is" in Jamf Pro when uploaded as a configuration profile.

Generally speaking, I've had more success with uploading signed .mobileconfigs after editing them in an editor rather than pasting XML directly into the Custom Settings payload in Jamf. The containing information that you want in the payload ends up looking like this (in Jamf) when you upload the .mobileconfig file as a Configuration Profile and view the content:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>EnableStandardClickToShowDesktop</key>
    <false/>
  </dict>
</plist>

Even though the full code of the XML is included in the .mobileconfig and looks like the XML that you copied from the link:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadContent</key>
			<dict>
				<key>com.apple.WindowManager</key>
				<dict>
					<key>Forced</key>
					<array>
						<dict>
							<key>mcx_preference_settings</key>
							<dict>
								<key>EnableStandardClickToShowDesktop</key>
								<false/>
							</dict>
						</dict>
					</array>
				</dict>
			</dict>
			<key>PayloadDisplayName</key>
			<string>Custom Settings</string>
			<key>PayloadIdentifier</key>
			<string>E767B274-DF2C-46D2-8E50-69DB06DD1B61</string>
			<key>PayloadOrganization</key>
			<string>Company Name</string>
			<key>PayloadType</key>
			<string>com.apple.ManagedClient.preferences</string>
			<key>PayloadUUID</key>
			<string>E767B274-DF2C-46D2-8E50-69DB06DD1B61</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Manages the "Click Wallpaper To Show Desktop Items" setting in System Settings: Desktop &amp; Dock.</string>
	<key>PayloadDisplayName</key>
	<string>Manage Click Wallpaper To Show Desktop Items</string>
	<key>PayloadEnabled</key>
	<true/>
	<key>PayloadIdentifier</key>
	<string>003E8F91-7DC2-406C-B252-C46BA114AB22</string>
	<key>PayloadOrganization</key>
	<string>Company Name</string>
	<key>PayloadRemovalDisallowed</key>
	<true/>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>003E8F91-7DC2-406C-B252-C46BA114AB22</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

Give the method of uploading the .mobileconfig a try and see if it works. Feel free to share the XML you're uploading. I've only been working as a Mac Admin for a short time, but there are some real pros lurking in these forums.

malevy · ‎02-05-2024

THANK YOU! It was al of the extra lines in the OG XML file. After shortening it, it's now working!

Jamf Nation Community

Config Profile to manage Sonoma's new default Stage Manager behavior