Edit Disclaimer on Login Screen

apanages
New Contributor

Hello,

At one point a co-worker of mine placed a disclaimer on the login screen page and changes are needed to be made now but I can not find where that information is located to change. Would anyone know where that information is stored so I can update that information.

I know its coming from Casper becuase after a Mac is imaged that disclaimer is shown on the login page after boot.

Thanks,

-Anthony

9 REPLIES 9

kitzy
Contributor III

Hi @apanages,

Have a look at these Apple kbase articles, they may help you.

https://support.apple.com/en-us/HT202277

https://support.apple.com/en-us/HT203580

Once you've determined if it's a login window message or a policy banner, we can dig a little deeper and see what's setting it in your JSS.

Look
Valued Contributor III

Couple of likely candidates:
Configuration Profile
Package deploying to /Library/Security/PolicyBanner.rtfd

apanages
New Contributor

@kitzy Thanks for jumping in and helping me out with this issue. After reviewing your links it would be the second one which is the "Login Windows Message".

Just for the heck of it I went into System Preferences > Security & Privacy > Checked the Show a message when the screen is locked box and typed in "test". After rebooting the login windows message did not changed to "test" but stayed to the old out dated one my co-worker wrote a long time ago. This is making me think that its a setting in the JSS somewhere.

Let me know if you need more information from me.

Thanks!

kitzy
Contributor III

@apanages have a look in your configuration profiles, specifically for a profile with the "Login Window" payload. There is a section under "Window" called "Banner" that will most likely contain the text you're seeing on your machine's login window.

If you change this text, save the profile, and click "distribute to all", you should see that text update on all of your machines.

apanages
New Contributor

@kitzy I followed your direction and navigated to the Banner section where the box was empty. I went ahead and entered in "Test" to see if that would overwrite the old one. After a restart the text showed "Test", however once I logged in and logged out the text reverted back to the older disclaimer that my co-worker wrote. After a few reboots it was going back and forth. It seems that the two are fighting over which one to display. That old text is located somewhere and seems to be overwriting whatever new text I am placing in the profile.

Any suggestions?

Thanks.

jarednichols
Honored Contributor

Dumb question.... is it a photoshoped default wallpaper? Before HT202277 came along we'd simply take the default desktop that's displayed behind the login window and edit it. Place a text layer, flatten it, keep it the same name and deploy it. We'd just make sure it was formatted such that it was visible on all screen resolutions.

kitzy
Contributor III

@apanages Hmm, that's a weird one. It's quite possible that it's a photoshopped default wallpaper as @jarednichols said, but I'm guessing there's something else that's fighting your profile for the rights to set the loginwindow banner. Have you looked through all your other profiles to see if any of them contain a Login Window payload? That would be my first guess.

kitzy
Contributor III

It's also possible that this text is being set via a script somewhere. Llook for a script or a policy that's doing something like this:

defaults write /Library/Preferences/com.apple.loginwindow LoginwindowText "Your login window message text goes here"

apizz
Valued Contributor

What we've been doing for a few years now is keeping our disclaimer or policy banner, whatever you want to call it, as a Google Doc which we update from time to time. When it comes time for imaging, we download it as an .rtf file, make sure the formatting is OK, and then rename it as PolicyBanner.rtf.

Copy the PolicyBanner.rtf file to the /Library/Security/ directory and drag the file from this location into Composer to make it a package source. Make sure the permissions of the file are readable and executable by everyone and build your package. You can then push your login window message as a policy to all your managed computers.