I've been struggling with this for a few days now but can't seem to figure out what's going.
We are deploying two configuration profiles on our machines - one setting the Login Window preferences and another for Security & Privacy where the user is prompted to enter their password 5 minutes after the computer goes to sleep.
However, I'm getting a weird issue where even though I haven't set the user to be prompted to enter their password immediately after the computer sleeps, a number of machines have this setting locked. I've tried reapplying the config profile several times, but it's very inconsistent, mostly defaulting to prompt the user immediately after sleeping.
Looking at the details of the two config profiles, however, I'm seeing this:
And these are my config profile settings
Even though there's no setting for it, it appears the Login Window payload has a screensaver preference which doesn't require a password.
Does anyone know why the Login Window has a screensaver setting in the config profile, or how to remove it? Does this seem like the root of my problem, or something else I haven't looked at?
It does appear to be a function of some management setting, as when I login as the local admin and hold down option to disable management temporarily, the Security & Privacy password prompt behaves normally.
1 ACCEPTED SOLUTION
