I've noticed there isn't an option to force the enablement of Location Services on a Mac. I've opened a ticket with Apple and they said this is by design for privacy. I can completely understand that on a personally owned Mac, but for a corporate owned asset, we should have full access to the device in case it's lost or stolen and we can tell the last place it was, which means enabling location and not letting someone turn it off. People don't have any expectations of privacy with work computers and things like email or what applications are installed, I don't understand why Apple is drawing a line in the sand with location.
Am I crazy for thinking this should be an MDM option?
I think the problem is that basically anything you can enable via Jamf and MDM is something that can be done via a profile or potentially a script to any device. So if they were to build in a mechanism for organisations to use it could be abused and used on personal devices by malicious people.
You've actually hit the nail on the head for quite a few things. If a device is enrolled into ABM via an authorized VAR, and then enrolled into an MDM, it should be able to control a few corporate requirements. Apple has taken personal privacy and applied it to corporate environments. But Apple is enterprise friendly. Just ask them.
@easyedc I suppose the way to achieve that is to make location services something that is manageable if the device is 'supervised' because then that would generally be done via DEP or having a supervision identity on it however supervision identities can be installed offline using Apple Configurator.