Inadvertent lockdown of screensaver settings

BGR
New Contributor

Hi Folks,

New Casper Suite user here. I'm working on a rollout of Casper at my company and I've hit an oddity with trying to control screen saver security. It looks like the collective wisdom is to manage this by script and I've put together one that modifies the idleTime, requirePassword and timeBeforeRequiringPassword attributes in the screensaver plists by way of login policy. That seems to be working fine, however, on our test machines we're finding the screen saver preferences are greyed out on the Desktop & Screen Saver and Security & Privacy preference panes. Other preferences on those panes are unlocked.

In a way this is a nice side-effect, but in rolling this out we're going with the "trust but verify" approach.

Any ideas on why this might occur? I did check to make sure the modified plists are owned by the user, so I've ruled that out.

Thanks . . .glad to be part of such a smart community!

3 REPLIES 3

calumhunter
Valued Contributor

I wouldn't expect a script to make those greyed out. Are you sure there is not any MCX that is controlling those keys?

joshuasee
Contributor III

Also, if you have configuration profiles in use for anything, double check the details sections of the ones installed on an affected machine in ? | System Preferences | Profiles. I've noticed the JSS web interface doesn't always make it obvious what you're setting and not setting when creating them.

BGR
New Contributor

Meh, it turns out it was set in the config profile. Inspecting the details section in the profile was the key. Thanks!