Skip to main content
Question

Problem setting screen lock on Mac


Forum|alt.badge.img+6
  • Contributor
  • 19 replies

Hi,

We tried to create a policy for setting a password on a screen lock after 5 seconds and created a policy in Configuration Policies > Security and Privacy
However the Mac does not ask for a password after a user locks the screen or puts it to sleep.

If I remove the policy and set the lock-policy manually, it works fine...

What did we do wrong?

8 replies

Forum|alt.badge.img+8
  • Contributor
  • 143 replies
  • February 24, 2016

We are having this same issue. In our case it appears to be that the Login Window configuration profile has in its payload 'Screensaver ask for password = False'. This conflicts with our Security & Privacy profile that tells it to ask for a password immediately. Apple's documentation says that when two different profiles set conflicting data to one setting that it is left 'undefined'. I am not sure what this means but it leaves laptops unlocked.

Jamf's solution to our problem was to create a third profile and set this setting and install it using a package and the a terminal profiles command to install it. This does not always work in our case and a restart is known to some times make it stop working.

There is this known issue:
[D-007999] Screen saver settings in a configuration profile that is removed and re-applied to a computer are not retained.

This I believe is describing this issue (?) because the JSS will periodically re-install all the station's configuration profiles. It seems to aha started on our stations after the update to 9.2 and after the configuration profiles were re-installed automatically on stations. Fresh images also have had this problem so the re-isntall part may not be exactly accurate.

I hope some of this helps give you few idea since this is just from my experience and testing. I am hoping this gets fixed in JSS 9.3 when that gets released.


Forum|alt.badge.img+5
  • Contributor
  • 27 replies
  • February 24, 2016

I am also having the same issue after it was working a couple days ago. I have setup a call with Jamf to see if this is a known issue. It seems to be happening all over the place. If they have a fix I will update when I have more information.


Forum|alt.badge.img+8
  • Contributor
  • 82 replies
  • February 24, 2016

We have this issue as well. We were also provided the fix from JAMF, but after re-boot it does not work for us consistently. When you have 2 profiles with conflicting information what happens is undefined.


Forum|alt.badge.img+6
  • Author
  • Contributor
  • 19 replies
  • February 24, 2016

thanks for your replies.
We just disabled the "Login Window"-policy and the password works fine again. What we are going to do is make a script with a few 'default write' commands.

let's hope JAMF fixes the issue in the next version of the Casper-suite (9.83 of 9.9)


Forum|alt.badge.img+6
  • Contributor
  • 24 replies
  • February 24, 2016

This happened to us too. I got a hold or our TAM, and they were able to provide a custom managed config profile (.plist file) that we uploaded and pushed out.


Forum|alt.badge.img+15
  • Contributor
  • 589 replies
  • February 24, 2016

@Jakov I used a script as well. thoule's SS management. And I had a JSS policy to reinstall the script if it's missing or modified.


Forum|alt.badge.img+11
  • Valued Contributor
  • 142 replies
  • February 24, 2016

I just noticed this problem yesterday. Like the other folks on this thread I replaced my Login Window config with a shell script using default writes commands.

I also contacted JAMF Support and was told it was a known issue and they provided me this link


Forum|alt.badge.img+6
  • Author
  • Contributor
  • 19 replies
  • February 26, 2016

The problem as stated in your link is not exactly the same as we experience. However, there is another discussion going about the same problem, see https://jamfnation.jamfsoftware.com/discussion.html?id=9982


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings