serdar1
Contributor
Contributor

How To Disable the Apple ID on the MacOS devices

Hi Team,

 

How To Disable the Apple ID on the MacOS devices? There is a restriction profile where I can do this in the ws1 cloud environment. But I couldn't see it in ten premise versions. I tried a few scripts for this but got "payload missing" errors. Is there any solution about this issue? In addition, a case has been opened on this subject.(SR:23394154701)

WS1 UEM Version: 2203/on premise

BR.

0 Kudos
7 Replies
AntonThirifays
Enthusiast
Enthusiast

Hey,

What do you mean by "Disable the Apple ID on the macOS devices" ?

If you don't want to use iCloud or download any apps from the Apple App Store, just log out of the Account and that's it.

But that also means that you won't be able to install macOS updates given they're served as apps.

A suitable alternative would be to offer all of the apps that your users need either as VPP if available at the app store or through package distribution.

Cheers,

 

0 Kudos
serdar1
Contributor
Contributor

I guess you didn't understand what I want to do. Frankly, I can do this in the airwatch cloud version (ws1 version 2210). Users should not do this. I should be able to manage this process via airwatch. If you examine the picture I added, we need to restrict apple ID login. We can block the app store and icloud, we have no problem with this stage.

0 Kudos
AntonThirifays
Enthusiast
Enthusiast

Indeed I'm not quite sure I understand fully your use case here but if you say you're able to have the profile as you want it from a SAAS environment, why not create it there and import it in your On Prem environment ?

Else, just add the delta between SAAS profile and OP Profile in custom settings for OP Profile for the command lines that rule this aspect ? 

0 Kudos
serdar1
Contributor
Contributor

Our bank customer does not have the necessary country-based approvals to use the cloud environment. Therefore, bank customers cannot use the cloud. The structures of our bank customers are ten premise. If we can block the Apple ID login button with a script, I can test it. When I try the following script as "custom settings", "-106 Invalid profile: A payload in the profile is missing the “PayloadIdentifier” key.
I am getting the error.

The script I use: <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>DisabledPreferencePanes</key>
<array>
<string>com.apple.preferences.AppleIDPrefPane</string>
</array>
</dict>
</plist>

Article : https://community.jamf.com/t5/jamf-pro/catalina-system-preferences-disable-apple-id-preference/m-p/2...

MacOS Version : Version 12: "Monterey

0 Kudos
AntonThirifays
Enthusiast
Enthusiast

Seems the payload identifier and payload type are missing ?

Payload Type

com.apple.systempreferences 

https://developer.apple.com/documentation/devicemanagement/systempreferences

Payload Identifier

https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf

 

 

0 Kudos
serdar1
Contributor
Contributor

Actually, I got the payload IDs from the site you sent. I encountered the error in my previous answer. 

 

I tried this way but still got the error.

 

The script I use: <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>DisabledPreferencePanes</key>
<array>
<string>com.apple.preferences.AppleIDPrefPane, com.apple.preferences.appstore</string>
</array>
</dict>
</plist>

 

 

0 Kudos
Eileenmc
Contributor
Contributor

I had it disabled on all of my devices, but once I upgraded to Ventura it is now asking all of my "generic" users to sign in.  I can't find anywhere in Workspace one to disable it.  Have you found a solution?

0 Kudos