Posted on 07-14-2021 08:34 AM
I try to enable Remote Control for Big Sur with a script. I try that :
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -access -on -allowAccessFor -specifiedUsers /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -users admin -privs -DeleteFiles -ControlObserve -TextMessages -OpenQuitApps -RestartShutDown -SendFiles -ChangeSettings /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent -menu /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate
With Apple Remote Desktop I have a black screen. I run this command :
tccutil reset ScreenCapture
No more black screen. But, I can observe, but not control! 😅
Posted on 07-14-2021 09:48 AM
You can not enable this via a script with Big Sur. It has to be an MDM command. For a quick fix, go into Jamf Pro / Management Commands / Disable Remote Desktop and then enable it again. This will keep all the settings from your script in place and will actually allow you to remote the device. At least that works for me. Hope that helps.
Posted on 07-17-2021 10:49 PM
How do you automate that? We have to toggle that setting for each machine?
Posted on 07-19-2021 04:55 AM
I only do this on an as needed bases, not every machine. It only takes a few seconds and I don't mind it. I don't believe you can do this in mass in the Jamf Pro UI. You might be able to do with with the Jamf Pro API. I'll see what I can find out.
Posted on 02-03-2022 01:24 PM
Did you get that working? I'm trying to EnableRemoteDesktop through the API but I get an error "The method specified in the request is not allowed for the resource identified by the request URI".
Posted on 04-14-2022 11:06 AM
Ever have any luck with this? Would be nice if there is a command we can trigger from the computer to automate this on the MDM side versus having to manually click the button.
Posted on 11-09-2022 11:26 AM
Chiming in would really like to be able to automate this. I did some research and it is possible to run it as a script. I am not good with scripting but this is my logic:
- Export UUID of the devices from Smart Group via API
- Flatten the UUIDs into an XML
- Apply to a script like this and change the lines to "/computercommands/commands/EnableRemoteDesktop" as per API doc
Posted on 11-10-2022 04:55 AM
That's pretty much what I did. I used powershell since that's what we have to use here on our job server. It runs several times per day and scans a smart group called "Remote Desktop Not Enabled" and calls that API. The script is a big long and uses functions from my script library, but the meat of it looks like:
Posted on 11-10-2022 09:18 AM
I am thinking more inline with running it as script on the client's computer once a day, That should be more manageable for me since I don't need to pull a Smart Group and make a XML out of it. I can supply the api credentials in the policy parameters to avoid putting them in the script.
Posted on 11-10-2022 09:25 AM
So do all of your users have Jamf accounts with permissions to execute that API? Or would you be including the username and password of an admin-level account in the script?
Posted on 11-10-2022 09:35 AM
The script will be deployed via a policy and JAMF will run the script as root. I have setup a few JAMF accounts specifically for API calls and send MDM commands. I just have to make the script to use the API account credentials in the Script parameters in the policy and the script will pull the UDID of the computer is it run on, then run an API call to JAMF to send the EnableRemoteDesktop command.
That's my theory anyways, I have not written anything in this calibre so I might not do it after all. It's likely cheaper to find a new guy in my department to make this a daily duty. 🤣
Posted on 11-10-2022 10:10 AM
A Jamf policy. Gee, why didn't I think of that? Need...more...coffeeee.....