Skip to main content
Question

iCloud - System Admin Password Required

  • October 27, 2011
  • 4 replies
  • 40 views
M
Forum|alt.badge.img+7

Does anyone know what is happening behind the scenes with the iCloud system
preference?

We are rolling out Lion and are encouraging the use iCloud. But the fact
that it requires an admin password is causing an issue. I think it is
adding something to the user.plist... I'd like to be able to make the
necessary changes so the user isn't faced with the admin password request.

Maura

Maura Fennelly
Technology Department
Archbishop Mitty High School
mfennelly at mitty.com
408.342.4243

    4 replies

    N
    Forum|alt.badge.img+18
    • nessts
    • Valued Contributor
    • October 27, 2011

    are you sure its an admin password you are being prompted for?
    I think its to add the icloud password and ssl certificate into the keychain. which may be an admin pw now that I think about it.
    since we disable icloud everywhere at this point I don't remember from playing with it, but I would guess its adding a cert to the system keychain.

    --
    Todd Ness
    Technology Consultant/Non-Windows Services
    Americas Regional Delivery Engineering
    HP Enterprise Services

    T
    Forum|alt.badge.img+5
    • techmchs
    • Contributor
    • May 21, 2012

    Same issue here.. unfortunately you do indeed need a admin account to have users add thier iCloud ID.. iCloud takes over the device itself.. not just the user account is the reason I was given. Really makes it a PITA.. Most people who are deploying Lion at this point are just suppressing the iCloud promt, since iCloud doesn't yet have that many benefits for laptops users.

    I have also been told that you can edit the ect/authorization file to give access.. but that would give them access to other things as well..

    <key>system.services.directory.configure</key> <dict> <key>class</key> <string>rule</string> <key>comment</key> <string>For making Directory Services changes.</string> … </dict> <key>rule</key> <string>root-or-admin-or-authenticate-admin</string> </dict>

    If you find a solution please share it with us!:)

    I'm up at MC give me a call if you want..

    bentoms
    Forum|alt.badge.img+35
    • bentoms
    • Hall of Fame
    • May 21, 2012

    AFAIK, Admin access is required for:

    • Find My Mac/Back To My Mac
    • Adding AppleID to user account

    Photo stream, document saving to iCloud & bookmark syncing do not require admin credentials.

    Tbh, I'm quite happy with that... The AppleID password reset will not work if you have a directory service & it also stops a disgruntled employee from remotely wiping a mac after they have left the company.

    T
    Forum|alt.badge.img+5
    • techmchs
    • Contributor
    • May 22, 2012

    yes, makes sense.. BYOD is the way to go with apple from here on out.. honestly thinking about making all users admins next year with network time machine backups and an AD directory server... easier to manage...scrap the portable homes and MCX lock down.. think BYOD with support and direction with configuration profiles..

    Terms & ConditionsCookie settingsAccessibility statement