Configuring NTP/Time Zone settings in Big Sur

bhardawa
New Contributor III

I am banging my head against the wall with this one and I feel a though the solution should be simple. I read that Jamf Pro 10.26 is supposed to be able to permit enabling NTP/time zone settings without needing location services turned on. However, for the life of me, I cannot find documentation detailing how. I tested a custom configuration profile that does apply the settings successfully, but only if location settings are enabled. For Catalina, I currently use a script (see below). I do not want to rely on my end users turning on location settings to get this configured.

How is everyone else doing this now? Am I missing something obvious?

Current script:

#!/bin/sh
####################################################################################################
#
# DEFINE VARIABLES/PARAMETERS
#
####################################################################################################

timeserver="$4"
defaults='/usr/bin/defaults'
systemsetup='/usr/sbin/systemsetup'
uuid=$(/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57)

####################################################################################################
#
# SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE
#
####################################################################################################

# Configure automatic timezone
"$defaults" write /Library/Preferences/com.apple.timezone.auto Active -bool YES
"$defaults" write /private/var/db/timed/Library/Preferences/com.apple.timed.plist TMAutomaticTimeOnlyEnabled -bool YES
"$defaults" write /private/var/db/timed/Library/Preferences/com.apple.timed.plist TMAutomaticTimeZoneEnabled -bool YES

# Configure network time server settings
"$systemsetup" -setnetworktimeserver $timeserver
"$systemsetup" -setusingnetworktime on

# Configure location services
"$defaults" write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd LocationServicesEnabled -int 1
"$defaults" write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd.$uuid LocationServicesEnabled -int 1
1 ACCEPTED SOLUTION

slang
New Contributor II

I don't get it. In my environments the user enrols his device and not any technicians. You can easily turn o/off location service with a simple command:

/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd LocationServicesEnabled -int 1

It just needs a restart. That is something you can completely automate without any user interaction.

View solution in original post

16 REPLIES 16

slang
New Contributor II

Why not turning location service on, then set the correct time zone and time and afterwards you can turn it off again?!

psliequ
Contributor III
Contributor III

Just to confirm, you set them using these keys?

bhardawa
New Contributor III

@slang , my technicians do not always provision devices. More often, we send devices to the end user. I don't want to rely on end users turning location services on and then off. That introduces an unnecessary variable to a critical configuration component that's outside of my ability control as it is happening. That will just generate more support tickets.

bhardawa
New Contributor III

@psliequ , yes. Here's the relevant, redacted portion of the config profile.

<dict>
    <key>PayloadDescription</key>
    <string>Configures Time Server settings</string>
    <key>PayloadDisplayName</key>
    <string>Time Server</string>
    <key>PayloadIdentifier</key>
    <string>REDACTED</string>
    <key>PayloadOrganization</key>
    <string></string>
    <key>**PayloadType**</key>
    <string>**com.apple.MCX**</string>
    <key>PayloadUUID</key>
    <string>REDACTED</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <key>**timeServer**</key>
    <string>timeserver.goes.here</string>
    <key>**timeZone**</key>
    <string>/usr/share/zoneinfo/America/New_York</string>
</dict>

So like I said, this actually works as long as we turn on location services. However, I want to be able to control this without turning on location services (or have the ability to turn on location services programmatically). It would mean we have to have a technician onsite (currently remote) to receive devices, step through setup to turn on location services, and then box the devices and send the device to the user instead of shipping directly to users. That adds time (impacting SLAs) and shipping costs—no bueno. This should be elementary so I feel as though I am missing something that is quite obvious to everyone else. Any help is appreciated. Thanks.

Here's the link that led me to believe this is possible: https://www.jamf.com/blog/macos-big-sur-same-day-support/

The specific mention reads, "This new operating system also includes key updates to MDM commands and restrictions, including the ability to set a default time zone and restrict Wi-Fi MAC address randomization."

slang
New Contributor II

I don't get it. In my environments the user enrols his device and not any technicians. You can easily turn o/off location service with a simple command:

/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd LocationServicesEnabled -int 1

It just needs a restart. That is something you can completely automate without any user interaction.

View solution in original post

bhardawa
New Contributor III

@slang , is this working in Catalina or Big Sur? That works for me in Catalina but not in Big Sur. See above for my script for Catalina. I have that line in there and it's working fine. But like I said, it's no bueno in Big Sur.

bhardawa
New Contributor III

@slang Edit: Disregard this. The reboot made the difference. Thanks.

davidi4
New Contributor III

looks like this needs to flush the cached preferences, had a user on Catalina just test this for me and the time zone didn't change immediately after the reboot, but about 10 minutes later.

Thoughts on what to killall to force the change (and perhaps eliminate the reboot)

boberito
Valued Contributor
mcxrefresh

This may do the trick. You may need the -a option. I dunno.

tcandela
Valued Contributor

ive always used the JAMF provided scripts for SetTimeZone and SetTimeServer and it looks like both scripts were updated in 12/2021 so it should work for Big Sur.

Gonna test it out

Tested out both the updated V3.0 settimezone & settimeservers on Big Sur and it worked.

@tcandela Can you share a link to the JAMF provided scripts you mentioned? (SetTimeZone and SetTimeServer)

tcandela
Valued Contributor

JAMF keeps changing the user interface and i can't find the section where they have the scripts.

I'm gonna try looking again.

@tcandela Any luck with this?

tcandela
Valued Contributor
no luck finding it. JaMF use to have a section with 'scripts' and since the GUI changes I can't find it.

tcandela
Valued Contributor

no luck. since the GUI changes JAMF has made i can't find the 'scripts' section.

horrible GUI changes

Asri-Zainal
New Contributor

https://github.com/jamf/Jamf-Nation-Scripts/blob/175bbaa10af79f0aca6cb5e06eb8af130a6e3e8a/setTimeZon...
The above script still works, just had to comment out line #126 to #132
Since we have users from different timezones, i use ip-api to set timezone based on their current location by adding simple 2-liner command below.
Add it as a self service policy and users can fix this without needing temp admin access.

 

myIP=$(curl -L -s --max-time 10 http://checkip.dyndns.org | egrep -o -m 1 '([[:digit:]]{1,3}.){3}[[:digit:]]{1,3}')

timeZone=$(curl -L -s --max-time 10 "http://ip-api.com/line/$myIP?fields=timezone")