- Jamf Nation Community
- Products
- Jamf Pro
- Re: Configuration profiles - preference pane - loc...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-21-2018 09:09 AM
Hello together,
we just scoped a configuration profile to some Macs to grey out some tabs in the system preferences including profiles tab. To remove the configuration profile temporary we can go to configuration profiles and put the computer name in the exclusion tab (scope). This works most of the times, but not every time and it is a bit tedious.
So I tried to remove the profile via terminal with the following command:
sudo profiles -R -p 'identifier'
But this does not work. I get the error message 101 - this profile couldn't get removed. Probably because I greyed out the profiles tab?
So my question:
Is there a way to delete the profile temporary via terminal?
Would it be better not to grey out the profiles tab? But could the users not just remove the profiles by themselves?
Maybe anyone has a completely different path?
Best regards
Maurice
Solved! Go to Solution.
Labels:
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-21-2018 12:59 PM
If the Configuration Profiles are being applied by APNS and your devices are managed there should be no option in the System Preferences GUI to remove (- button) that the user can use. If the configurations profiles are installed manually through GUI then yes there is a remove (-) option
I know anytime we need to "re-run" a configuration profile that is scoped to all machines. Instead of excluding then removing you can run the sudo jamf removemdmprofile command. This will remove the MDM profile to which you can once removed just reinstall via the sudo jamf mdm command and it will put down all configuration profiles that apply/scoped to the machine
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-21-2018 12:59 PM
If the Configuration Profiles are being applied by APNS and your devices are managed there should be no option in the System Preferences GUI to remove (- button) that the user can use. If the configurations profiles are installed manually through GUI then yes there is a remove (-) option
I know anytime we need to "re-run" a configuration profile that is scoped to all machines. Instead of excluding then removing you can run the sudo jamf removemdmprofile command. This will remove the MDM profile to which you can once removed just reinstall via the sudo jamf mdm command and it will put down all configuration profiles that apply/scoped to the machine
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-22-2018 02:53 AM
The solution I searched for. Thank you sbirdsley!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-18-2019 02:54 PM
If the Configuration Profiles are being applied by APNS and your devices are managed there should be no option in the System Preferences GUI to remove (- button) that the user can use.
Isn't the case that if you choose to allow removal in your PreStage the (-) options is there? I'm looking for a way to leave that prestage removal allowed but keep users from being able to remove manually.
Thanks
Follow up: Jamf support answered this for me: Go>Configuration Profiles>Restrictions Payload> disable Profiles in System Preferences
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-07-2019 08:47 AM
I hate to bring back an old thread but my users are Admins on their machines, if I grey out the Profiles tab what are the pros and cons of that scenario?
