Jamf Nation Community

cwaldrip · a month ago

I've got an exemption group set for a handful of machines to allow them to use Screen Sharing. But when the compliance script run's its remediation it appears to be disabling Screen Sharing.
The logs show that the rule failure being identified...

Tue Nov 5 14:14:09 UTC 2024 system_settings_screen_sharing_disable passed (Result: 0, Expected: "{'integer': 1}")

...and then where the fix should be skipped because of the exemption...

Tue Nov 5 14:15:16 UTC 2024 system_settings_screen_sharing_disable has an exemption, remediation skipped (Reason: Exception - Remote-ScreenShare)

And yet Screen Sharing is being disabled as soon as the remediation is finished. I haven't modified the script. And there are no configuration profiles or other policies running to re-disable Screen Sharing.

cwaldrip · 4 weeks ago

Got an answer over at the project's Github Page . The answer is that there are two exception values that need to be set, and I only had one of them set.

system_settings_remote_management_disable
system_settings_screen_sharing_disable

View solution in original post

sharriston · 4 weeks ago

I had a similar issue in my testing. Devices were not getting the exemptions set correctly. Turned out when I was developing my benchmarks I accidentally mistyped the plist name which stores the exemption information in my config profile. Once fixed the exemptions worked as expected.

mattjerome · 4 weeks ago

I had the same problem and ended up giving exceptions to the whole section. like if they needed airdrop giving the application access profile an exception

cwaldrip · 4 weeks ago

Got an answer over at the project's Github Page . The answer is that there are two exception values that need to be set, and I only had one of them set.

system_settings_remote_management_disable
system_settings_screen_sharing_disable

Jamf Nation Community

Jamf Compliance Script not honoring exemption