Help

Disable the ability for a user to login

mykool
New Contributor III

Posted on ‎04-18-2019 06:04 AM

I have been asked to disable the ability for a certain user from logging into their encrypted MacBook Pro. Local account it appears. Any suggestions?

0 Kudos
2 REPLIES 2

sshort
Valued Contributor

Posted on ‎04-18-2019 08:43 AM

This sounds somewhat like an HR/People problem, but if the Mac is past the FileVault screen with a connection to your JSS, you can:

-Send a Lock Computer command
-Change the user's password

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎04-18-2019 08:48 AM

An MDM Lock command would do it, and it should happen just about immediately. There's absolutely nothing you can do to prevent someone from logging in past FileVault (short of physically removing the machine from them) since the OS isn't really booted at that point and there's no network connection. As @sshort mentioned you would have to address it after they log in.

0 Kudos