Custom profiles for macOS Sierra

Custom profiles for macOS Sierra

macOS Sierra offers a variety of advanced MDM functionality that can be configured through Profiles in the AirWatch Admin Console. 

New macOS Sierra features are available as part of AirWatch 8.4.5. Administrators on an earlier AirWatch version can run the macOS Sierra seed script to allow support of macOS Sierra devices, and use the following custom profiles to achieve the same functionality.

The XML code for these custom profiles is listed below and can be implemented using the following procedure.

Using Custom Profiles 

The Custom Settings payload allows admins to enter their own XML into a profile and apply the profile to devices. Follow the steps below using the iOS 10 code found at the end of this document.

1. Configure the General payload and deployment options as desired.

2. If you would like to include any iOS 10 features that are not available in the UI for your version, you can add the associated XML below to the Custom Settings payload for your profile. 

  • This XML should contain the complete block of code as listed below, from <dict> to </dict>. 
  • Administrators should configure each setting from <true /> to <false /> as desired. 
  • If certificates are required, then configure a Certificate payload within the profile and reference the PayloadUUID in the Custom Settings payload. See further information within the examples below.

Custom_Profiles.jpg 

macOS Sierra Custom Profile XML Code

Use the following link to download custom XML Code. View all custom XML code examples here.

 

Disallow Apple Music

If set to false, Music service is disabled and Music app reverts to classic mode. The key can be used in addition to other restriction keys in the custom profile. This restriction is supported in User and Device context

<key>allowMusicService</key>

<true />

 

Example:

</dict>

    <key>allowMusicService</key>

    <true />

    <key>PayloadDisplayName</key>

    <string>iCloud</string>

    <key>PayloadDescription</key>

    <string>iCloud</string>

    <key>PayloadIdentifier</key>

    <string>1a2e7e9c-e797-4e02-acc3-676fa072c743.iCloud</string>

    <key>PayloadOrganization</key>

    <string></string>

    <key>PayloadType</key>

    <string>com.apple.applicationaccess</string>

    <key>PayloadUUID</key>

    <string>cb37fcf6-48d1-4af9-b995-77a5bab7f5fc</string>

    <key>PayloadVersion</key>

    <integer>1</integer>

    <key>ServerCapabilities</key>

    <array>

        <string>com.apple.mdm.per-user-connections</string>

    </array>

</dict>

 

Restrict individual iCloud Services

The below keys can be used in addition to other restriction keys in the custom profile. The restrictions are supported in User and Device context

 

When false, disallows macOS Back to My Mac iCloud service:   

<key>allowCloudBTMM</key>

<true />

 

When false, disallows macOS Find My Mac iCloud service:

<key>allowCloudFMM</key>

<true />

 

When false, disallows macOS iCloud Bookmark sync:

<key>allowCloudBookmarks</key>

<true />

 

When false, disallows macOS Mail iCloud services:

<key>allowCloudMail</key>

<true />

 

When false, disallows macOS iCloud Calendar services:

<key>allowCloudCalendar</key>

<true />

 

When false, disallows iCloud Reminder services.

<key>allowCloudReminders</key>

<true />

 

When false, disallows macOS iCloud Address Book services.

<key>allowCloudAddressBook</key>

<true />

 

When false, disallows macOS iCloud Notes services.

<key>allowCloudNotes</key>

<true />

 

If false, disables iCloud keychain synchronization.

<key>allowCloudKeychainSync</key>

<true />

 

Example:

</dict>

    <key>allowCloudBTMM</key>

    <false />

    <key>allowCloudFMM</key>

    <false />

    <key>allowCloudBookmarks</key>

    <false />

    <key>allowCloudMail</key>

    <false />

    <key>allowCloudCalendar</key>

    <false />

    <key>allowCloudReminders</key>

    <false />

    <key>allowCloudAddressBook</key>

    <false />

    <key>allowCloudNotes</key>

    <false />

    <key>allowCloudKeychainSync</key>

    <false />

    <key>PayloadDisplayName</key>

    <string>iCloud</string>

    <key>PayloadDescription</key>

    <string>iCloud</string>

    <key>PayloadIdentifier</key>

    <string>1a2e7e9c-e797-4e02-acc3-676fa072c157.iCloud</string>

    <key>PayloadOrganization</key>

    <string></string>

    <key>PayloadType</key>

    <string>com.apple.applicationaccess</string>

    <key>PayloadUUID</key>

    <string>cb37fcf6-48d1-4af9-b995-77a5bab7f8fc</string>

    <key>PayloadVersion</key>

    <integer>1</integer>

    <key>ServerCapabilities</key>

    <array>

        <string>com.apple.mdm.per-user-connections</string>

    </array>

</dict>

Have more questions? Submit a request

0 Comments

Article is closed for comments.