Posted on 11-15-2024 09:01 AM
Has anyone tried to disable iCloud Private Relay? I'm using the Plist below, but it only hides the iCloud Private Relay option in the iCloud settings and doesn't actually disable it. I still found it to be ON.
Has anyone else experienced this or found another way to disable iCloud Private Relay?
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>allowCloudPrivateRelay</key>
<false/>
</dict>
</plist>
Posted on 11-15-2024 09:11 AM
We dont allow AppleID's so I dont have 1st hand experience with it. However, have you tried blocking or filtering the ports/hosts Private Relay uses?
https://support.apple.com/en-us/101555
mask.icloud.com |
443 |
UDP |
iOS, iPadOS, macOS, and visionOS |
iCloud Private Relay |
— |
mask-h2.icloud.com |
443 |
TCP |
iOS, iPadOS, macOS, and visionOS |
iCloud Private Relay |
— |
mask-api.icloud.com |
443 |
TCP |
iOS, iPadOS, macOS, and visionOS |
iCloud Private Relay |
Yes |
Posted on 11-15-2024 10:15 AM
@Shyamsundar That is not uncommon with Apple's MDM restrictions for iCloud related features - they simply disable changing the setting in the System Settings UI but if the feature is on it isn't forced to be off.
Posted on 11-15-2024 01:17 PM
I believe users have to turn this off themselves. I had to setup disabling access to logging in with an Apple ID a couple of years ago. I had to have the users turn off Find my Mac themselves. I couldn't turn it off using a policy or profile. I was only able to setup a policy to nag them until they turned it off.
Posted on 11-17-2024 03:39 PM
You can create a configuration profile and disable particular services like that - Restrictions -> Functionality tab -> iCloud private relay
I would recommend scoping to test on a spare device.