I set a Restrictions configuration profile to disable Find My Mac. I ensured that I'm part of the scope and that the config profile actually installed on my machine. My machine is checking in with no problem. However, I'm still able to turn on/off Find My Mac after the Restrictions profile is installed
Anyone having this issue or recommend a better way of disabling? What scares me the most is a user being able to remote wipe their Mac without IT's consent.
hey @spoe everything you need can be seen in the screenshot. You'll need to create a plist file with the below and then upload it.
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>DisableFMMiCloudSetting</key> <true/> </dict> </plist>
@DBrowning You can create an extension attribute which shows which Macs have "Find My" turned on.
if nvram -xp | grep '<key>fmm-mobileme-token-FMM</key>' > /dev/null 2>&1; then