macOs Ventura Login Items

rkeleghan
New Contributor III

hi All,

 

Looking for some advise , We are stating to release macOS Ventura to the org and we have noticed that you can disable certain apps from the Login Items on Ventura - specifically a security agent that we have running...

Is there a way to block this? or disable the user from doing it...

 

Thanks

Rob

9 REPLIES 9

gabe2385
Contributor

Hello @rkeleghan 

Here is an articles I have used to help us setup the login items: https://hammen.medium.com/managing-login-items-for-macos-ventura-e78d627f88b6

rkeleghan
New Contributor III

@gabe2385 Thanks for sending on.. yes I have seen this but Im unable to get working ...

Any advise on how to get it working ...Please send one... 
Im also looking at this - https://docs.jamf.com/technical-articles/Uploading_a_Configuration_Profile_for_Managed_Login_Items.h...

rk

scottb
Honored Contributor

The page @gabe2385 linked to is the solution - well, one.

It works if you follow the steps...

Using it here, and if I have to add more apps, I just create a new Profile and upload it...

Hello @rkeleghan 

I have noticed that it will not work if the profile is not signed when using iMazing. 

scottb
Honored Contributor

Yeah, sign them.  Make sure your info in the iMazing setup is correct before you sign it as it is not editable once in Jamf... and you can't see a lot of these new Profile details in Jamf yet as the keys for Ventura items are missing in a lot of places.  But forget how it looks and just build, then test.  It's hard not having a full GUI to see the profile bits, but it is what Apple says it is.

Will-Kriel-Hart
New Contributor II
I found this guide (and umpteen of the other guides on offer, at this AWESOME website https://hcsonline.com/support/white-papers ) to be a lifesaver.
 
 
w
 

cdenesha
Valued Contributor III

Thank you! I had never created a signing certificate, and their instructions were awesome. Uploading it to Jamf without signing it did NOT create the profile as various instructions say, and I'm on 10.42.1.

chris

roiegat
Contributor III

You could follow the lovely instructions from JAMF at:
https://docs.jamf.com/technical-articles/Uploading_a_Configuration_Profile_for_Managed_Login_Items.h...

Or you could quasi-cheat and use an app called "iMazing Profile Editor" and add the payload for Service Management - Managed Login Items.  Makes it super easy to add them.  You can use the app to also sign the profile and them upload it to JAMF Pro.  

mfletch
New Contributor III

I created a profile using iMazing and uploaded to Jamf and deployed to my test machine and it worked fine, but I didn't sign the profile. Anyone know why this would work without signing, or I guess more importantly what are the possible issues I may see down the road by not signing it?