Hi - so our organization is wanting to remove admin access to all users ( windows/mac); our macs are not joined to the domain - managed with JAMF and self service portal. What is the best way to allow users the ability to temporally have admin rights on their mac and is there a white listing/approval option. I'm slowly taking over the JAMF/MAC responsibilities and just need some direction. I have been shown a script that can run in self service and also the priveleges.app but wanted feedback. On windows, I was used to a product called cyberarc in my previous role where we outlined whitelisted apps; but users could be given temporary access for specific functions/applications be either over ride or a code we would send.
