Location Services can't be managed?

Valued Contributor

I've noticed there isn't an option to force the enablement of Location Services on a Mac. I've opened a ticket with Apple and they said this is by design for privacy. I can completely understand that on a personally owned Mac, but for a corporate owned asset, we should have full access to the device in case it's lost or stolen and we can tell the last place it was, which means enabling location and not letting someone turn it off. People don't have any expectations of privacy with work computers and things like email or what applications are installed, I don't understand why Apple is drawing a line in the sand with location.

Am I crazy for thinking this should be an MDM option?


New Contributor II

I think the problem is that basically anything you can enable via Jamf and MDM is something that can be done via a profile or potentially a script to any device. So if they were to build in a mechanism for organisations to use it could be abused and used on personal devices by malicious people.

Valued Contributor II

You've actually hit the nail on the head for quite a few things. If a device is enrolled into ABM via an authorized VAR, and then enrolled into an MDM, it should be able to control a few corporate requirements. Apple has taken personal privacy and applied it to corporate environments. But Apple is enterprise friendly. Just ask them.

New Contributor II

@easyedc I suppose the way to achieve that is to make location services something that is manageable if the device is 'supervised' because then that would generally be done via DEP or having a supervision identity on it however supervision identities can be installed offline using Apple Configurator.

Valued Contributor

I have it as one of the few setup options available to the end user in hopes they will enable it. I'm fine with having Supervision being a prerequisite, but the option should be available.

Contributor II

Is there a way to enable the Location Services for supervised iPads with iOS 14.6? Or is this still not possible?


Is this still the case, that Location Services cannot be turned on on Macs via a configuration profile or a policy? Asking because we want to go zero-touch and would like to enforce this and skip the step in the Setup Assistant.

FYI, it is possible to enforce it via a policy, we have it now deployed

That sounds very interesting, do you have more details for us, please?

The script below sets the time according to the current location, and the first part of it is also turning on the location services: 


## enabling location services
/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd LocationServicesEnabled -int 1

uuid=$(/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57)
/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd.$uuid LocationServicesEnabled -int 1

## configure automatic timezone
/usr/bin/defaults write /Library/Preferences/com.apple.timezone.auto Active -bool YES
/usr/bin/defaults write /private/var/db/timed/Library/Preferences/com.apple.timed.plist TMAutomaticTimeOnlyEnabled -bool YES
/usr/bin/defaults write /private/var/db/timed/Library/Preferences/com.apple.timed.plist TMAutomaticTimeZoneEnabled -bool YES
/usr/sbin/systemsetup -setusingnetworktime on
/usr/sbin/systemsetup -gettimezone
/usr/sbin/systemsetup -getnetworktimeserver

## locking the system preferences -> Date & Time
security authorizationdb write system.preferences.datetime admin

How are you skipping the step in set-up assistant? PreStage Enrollment doesn't seem to allow it, and the policy would be run until after enrollment complete.

Thank you



I use this script to enable location service on Monterey, but reboot is required.

# 2.5.3 Enable Location Service, reboot is required
enabled=$(sudo -u "_locationd" defaults -currentHost read "/var/db/locationd/Library/Preferences/ByHost/com.apple.locationd" LocationServicesEnabled)
if [ ! $enabled = "1" ]; then
    echo "location service is not enabled, enable now, reboot is required."
    sudo -u "_locationd" defaults -currentHost write "/var/db/locationd/Library/Preferences/ByHost/com.apple.locationd" LocationServicesEnabled -int 1
    echo "location service already enabled."


Thanks Steven, I have to test this on one of our machines.

After that, `kill -HUP "$( pgrep locationd)"`. and no need restart system.