Enforce screensaver and password to unlock

Manu_ssi
New Contributor III

Hi folks,
Does anyone know a way to enforce the screensaver after 20 minutes of inactivity and require password to unlock in Ventura?
I've been trying through a script but it doesn't seem to work, and end-users are still able to change the settings through System Settings.

Thank you!

1 ACCEPTED SOLUTION

karthikeyan_mac
Valued Contributor

@Manu_ssi We have a config profile with Login Window payload configured with "Start screen saver after 4 minutes of Inactivity" and Security and Privacy:General payload "Require Passcode to Unlock Screen" to 1 minute. This disables the Lock Screen settings in System Settings.

Screenshot 2022-11-25 at 5.09.32 PM.pngScreenshot 2022-11-25 at 5.12.10 PM.pngScreenshot 2022-11-25 at 11.45.35 AM.png

Thanks,

 

View solution in original post

5 REPLIES 5

karthikeyan_mac
Valued Contributor

@Manu_ssi We have a config profile with Login Window payload configured with "Start screen saver after 4 minutes of Inactivity" and Security and Privacy:General payload "Require Passcode to Unlock Screen" to 1 minute. This disables the Lock Screen settings in System Settings.

Screenshot 2022-11-25 at 5.09.32 PM.pngScreenshot 2022-11-25 at 5.12.10 PM.pngScreenshot 2022-11-25 at 11.45.35 AM.png

Thanks,

 

Manu_ssi
New Contributor III

Thank you @karthikeyan_mac, that seems to be working.
Unfortunately it comes with several other login settings that need to be configured in the LoginWindow payload, but it seems to be the only way to lock the setting for end-users.

AntMac
Contributor II

If you only want some of the log in windows payload configured you can also use a custom plist or custom JSON. These do appear to still work in Ventura. 


Examples:
JAMF-Custom-JSON-DeviceHardening/com.apple.screensaver.json at main · MinervaFT/JAMF-Custom-JSON-Dev...

JAMF-Custom-JSON-DeviceHardening/com.apple.screensaver.mobileconfig at main · MinervaFT/JAMF-Custom-...

piotrr
Contributor III

I haven't tested it in Ventura yet, but in my experience setting the screen saver for 20 minutes will prevent users from setting the screen saver to anything less than 20 minutes too. 

Don't forget to change the grace period too. 

tdenton
Contributor II

I have 20 minutes for screensaver to kick in if the machine is not being used. This doesn't to happen despite been set in system preferences.

 

Seems to work fine if someone is logged in. I assume it should kick in for login screen.

 

Running Ventura and jamf connect.