Help

Opening up Energy Saver and Date & Time in System Preferences

ianmb
Contributor

Posted on ‎03-06-2015 09:27 AM

We have a requirement to open up the Energy Saver and Date & Time items within System Preferences so that a Standard User is able to modify these system-wide settings without entering an Administrator password, if at all possible.

I understand that this may be possible via a Configuration Profile. If so, could somebody walk me through the recommended workflow in the JSS?

0 Kudos
Reply
4 REPLIES 4

gregneagle
Valued Contributor

Posted on ‎03-06-2015 09:55 AM

This is not possible via a configuration profile. One must modify the authorization database, and this boils down to scripting.

Graham Gilbert has posted scripts that he uses with Munki, and wrote about them here: http://grahamgilbert.com/blog/2013/12/22/managing-the-authorization-database-with-munki/

Perhaps a JAMFNationer could rework these for optimal use with Casper.

0 Kudos
Reply

gregneagle
Valued Contributor

Posted on ‎03-06-2015 10:01 AM

Other links:

https://derflounder.wordpress.com/2014/02/16/managing-the-authorization-database-in-os-x-mavericks/
http://docs.macsysadmin.se/2012/video/Day2Session7.m4v

0 Kudos
Reply

ianmb
Contributor

Posted on ‎03-12-2015 06:57 AM

Thanks for the pointers.

I found this discussion, and hence was able to do:

security authorizationdb write system.preferences allow security authorizationdb write system.preferences.energysaver allow
0 Kudos
Reply

jski
New Contributor

Posted on ‎09-09-2015 02:39 PM

This has been tremendously helpful thank you.

Wondering though -> is there a way to deny this access once allowed? We tested it and the allow works like a charm, but when we attempt to deny them again, we get a confirmation but the preferences still don't require admin (even after reboot).

This isn't a huge deal, but it'd be nice to know we can revoke the access if need be. Any thoughts?

This is on Yosemite btw

0 Kudos
Reply