- Jamf Nation Community
- Products
- Jamf Pro
- Enable Remote Management with Managed Preference
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-22-2012 12:24 PM
Anyone here know how to enable Remote Management (and only for one user) via a managed preference?
Solved! Go to Solution.
Reply
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-22-2012 12:26 PM
Why not just make a login script?
#!/bin/sh
# adminUser = Admin User Name for Remote Acces
adminUser="youruser"
##################################
# Do Not Modify Below This Line #
##################################
if [ "$4" != "" ] && [ "$adminUser" == "" ];then
adminUser=$4
fi
# DEFINE CONTROL SETTINGS
privs="-DeleteFiles -ControlObserve -TextMessages -OpenQuitApps -GenerateReports -RestartShutDown -SendFiles -ChangeSettings"
# Do Not Modify Below This Line
if [ "$adminUser" != "" ]; then
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -allowAccessFor -specifiedUsers
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -access -on -privs $privs -users $adminUser
fi
Reply
15 REPLIES 15
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-22-2012 12:26 PM
Why not just make a login script?
#!/bin/sh
# adminUser = Admin User Name for Remote Acces
adminUser="youruser"
##################################
# Do Not Modify Below This Line #
##################################
if [ "$4" != "" ] && [ "$adminUser" == "" ];then
adminUser=$4
fi
# DEFINE CONTROL SETTINGS
privs="-DeleteFiles -ControlObserve -TextMessages -OpenQuitApps -GenerateReports -RestartShutDown -SendFiles -ChangeSettings"
# Do Not Modify Below This Line
if [ "$adminUser" != "" ]; then
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -allowAccessFor -specifiedUsers
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -access -on -privs $privs -users $adminUser
fi
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-27-2012 01:35 PM
Worked like a charm. Many thanks, good sir!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-14-2014 07:42 AM
How would I do this for several users? (Ie I only want my tier 3 help desk techs to be able to remote into the senior execs computers. So enabling the standard administrator account won't work. Can't do it via AD either cause only systems and myself as the help desk manager are domain admins. So I need to be able to add 4 users to remote access.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-14-2014 07:55 AM
@JimAllsop, in his script, at the adminUser variable, just add more usernames separated with commas.
adminUser="user1,user2,user3"
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-14-2014 09:31 AM
Thanks!! I'm new to writing scripts! Thanks once again.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-12-2014 09:33 PM
Hi.
I am new to this Casper Suite and I would appreciate any help that i can get.
How do i go about turning off remote login and remote management for all local/domain users and only enable it for localadmin? (admin account name = localadmin).
Can this be done in the background?
Thanks.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-07-2015 03:29 PM
@chriscollins , So can user1, user2, user3 be AD users or do they have to already have a local profile on the machine I'm setting up?
Scenario: I have 6 Mac minis connected to 6 TV's used for monitoring for different teams. I'm trying to avoid using wireless keyboards and mice as they will get confused or misplaced etc...
I only want to allow members of each team to be able to remote to their corresponding mac mini / TV.
Would be anywhere between 2-6 people may need access to each mac mini.
Would be happy for any input anyone has.
Thanks,
Matt
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-21-2017 10:59 AM
This script works perfectly to enable remote when using DEP imaging, Prestage with a payload of a hidden user. Thanks!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-26-2019 06:57 AM
What would we enter in for adminUser if we want this script to just be installed for all users on the machine?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-04-2019 09:30 AM
Yes I would like to add ad group "domain admins". That would be cool.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-23-2019 08:40 AM
Does this script still work in 10.14?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-06-2019 10:07 AM
@stephaniemm77 Yes, just tested this on a DEP machine running 10.14.5 and it seems to have worked for me.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-06-2019 10:28 AM
I would test that workflow thoroughly using every function of ARD. I once thought that something similar to this would work and later found that it would not. It would only allow observation. I do know that this workflow will work if you add in the following PPPC profile from my screenshot here.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-09-2019 08:46 AM
Oh yes, sorry should have specified...I'm kind of lucky that the school I work for has ignored macs entirely until now. Annoying for me to figure out stuff and make it work with their windows network but I get to start from scratch. I do have that PPPC profile as part of my base config profile that is part of pre-stage enrollment.
So, DEP, PPPC, and then yes, that script is working on 10.14.5 for screen control and sharing. Jamf Remote is also following the JAMF user privileges in regards to asking end user permission before taking control or just giving control without prompt.
I started down this rabbit hole since JAMF Remote for some reason just failed to screen share on my network unless remote management was on.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-07-2019 12:27 AM
This script is awesome and we still use it in our environment. Has anyone looked into / figured out how to accomplish this via Config Profile?
Reply
