Issues with TouchID login - Config profile to disable applied

New Contributor II

Hello Jamf Community, 

I have found an odd issue with TouchID that I cannot explain. On our systems, we have a Configuration Profile with the  Restriction Payload. Under Functionality we have Deselected "Allow Touch ID to unlock device". On the client systems the setting appears as it should with the sider greyed out and disabled. However if I lock the system, i am able to use touch ID to login (on a very small percentage of test systems).

I have been able to fix this issue on the system by excluding them from scope of the config profile, rebooting then removing the exclusion (adding them back to the config profile). The settings re-apply and work as they should. 

Two questions:

  1. Is anyone else seeing this issue with Touch ID and macOS 13? (are there other reports?)
  2. Would there be a way for me to tell if a system is experiencing this bug/state from an extension attribute or something?

Unfortunately I've fixed the systems with this problem.  






New Contributor II

Had this happen to a system in the wild macOS 12.6.0. It appears it's not related to Ventura. 

Does anyone know what logs to pull if this happens on systems?