Help

How can I prevent non-admin users from renaming their Macbooks on MacOS Sonoma?

Go to solution
pbileci
Contributor

Posted on ‎06-17-2024 10:11 AM

We track Macbooks by name in Jamf but students are easily able to rename their Macbooks by going to System Settings - General - About, and then just clicking and typing over the name that we set. When I look in restrictions, there's an option to restrict the entire General section but we don't want to do that. I just want to restrict the About section in General to prevent them from renaming the Mac.  

0 Kudos
Reply
1 ACCEPTED SOLUTION

Go to solution
AJPinto
Esteemed Contributor

Posted on ‎06-17-2024 11:00 AM

Removing admin access blocks most methods of changing the hostname. As for changing it in general, it's a configuration profile deploying the restrictions payload disallowing modifying the device name.

AJPinto_0-1718647183416.png

 

AJPinto_2-1718647236705.png

 

View solution in original post

Reply
7 REPLIES 7

Go to solution
AJPinto
Esteemed Contributor

Posted on ‎06-17-2024 11:00 AM

Removing admin access blocks most methods of changing the hostname. As for changing it in general, it's a configuration profile deploying the restrictions payload disallowing modifying the device name.

AJPinto_0-1718647183416.png

 

AJPinto_2-1718647236705.png

 

Reply

Go to solution
pbileci
Contributor
In response to AJPinto

Posted on ‎06-17-2024 01:48 PM

You have to uncheck that box, right? Our restrictions policy has that box unchecked, so they should NOT be able to change the name.

0 Kudos
Reply

Go to solution
DBrowning
Valued Contributor II
In response to pbileci

Posted on ‎06-18-2024 05:46 AM

Correct.  Also need to make sure the device is running macOS 14 or higher.  

0 Kudos
Reply

Go to solution
AJPinto
Esteemed Contributor
In response to pbileci

Posted on ‎06-18-2024 06:19 AM

Yep, sorry I was lazy with my screenshots. And as @DBrowning pointed out the devices need to be on macOS 14 or better (This will apply to macOS 15 when it comes out later this year).

0 Kudos
Reply

Go to solution
JamfMonkey
New Contributor
In response to AJPinto

2 weeks ago

Very Helpful!

Question: this won't prevent the IT Admin profile i have pushed out over policy from having admin rights, will it?

Thanks!

0 Kudos
Reply

Go to solution
AJPinto
Esteemed Contributor
In response to JamfMonkey

a week ago

Locking the hostname has nothing to do with removing admin access, it simply limits the ability to change the hostname locking it down to the MDM.

 

Food for thought, macOS must have at least one admin account. If you try to remove admin access from the only admin account you will get an error.

Reply

Go to solution
JamfMonkey
New Contributor
In response to AJPinto

a week ago

I didn't think so, and i got a little gun-shy, but I pushed the policy and it's working as expected. 

 

Thanks!

0 Kudos
Reply