Help

Enable Screen Sharing for localadmin acct

glozano
New Contributor II

Posted on ‎11-08-2016 08:47 AM

Hello jamf nation!,

I just realized that an old policy that was created by the previous JAMF tech here is no longer working to enable screen sharing. I created a new policy and after some digging around JN I found this to help guide me.

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -off -restart -agent -privs -all -allowAccessFor -allUsers

The thing is I don't want to allow access for all users. Just our localadmin account. Now I tried to change the -allUsers portion but it did not work. Any suggestions?

-George

Labels:
0 Kudos
Reply
4 REPLIES 4

crmeade
New Contributor III

Posted on ‎11-08-2016 09:03 AM

@glozano We use a command very similar to the one you list to force screen sharing on.

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users yourUserHere -privs -all -restart -agent -menu

Replace the username with your local admin account

Reply

glozano
New Contributor II

Posted on ‎11-08-2016 09:19 AM

THANK YOU!!!!!!!!!

-George

0 Kudos
Reply

AIR
New Contributor

Posted on ‎11-08-2016 01:43 PM

If all you want to do is enable screensharing without the additional overhead of ARD, you can try the following:

1) Add your user to the screensharing acl
sudo dscl . -append /Groups/com.apple.access_screensharing GroupMembership <userid>

2) Enable Screen Sharing
sudo launchctl load -w "/System/Library/LaunchDaemons/com.apple.screensharing.plist"

If you want to subsequently disable screen sharing, replace "load" above with "unload".

And if you want to remove the account from the acl, replace "-append" in step 1 above with "-delete"

Oh, if you want to see which user accounts already have access, do:
sudo dscl . -read /Groups/com.apple.access_screensharing | grep GroupMembership

HTH (and works for you!)

AIR.

0 Kudos
Reply

znilsson
Contributor II

Posted on ‎11-08-2016 04:24 PM

I use this script. This ensures access is only given to your admin user.

#!/bin/sh

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -users YOURADMINACCT -access -on -privs -all -restart
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -allowAccessFor -specifiedUsers -restart
0 Kudos
Reply