Local Accounts

You can use a policy to perform the following local account management tasks:

  • Create a new account.

  • Delete an existing account.

  • Reset the password for an existing account.

  • Disable an existing account for FileVault.

When you create a new account, you can also do the following:

  • Specify the password and password hint.

  • Specify a location for the home directory.

  • Configure the account picture.

  • Give the user administrator privileges to the computer.

  • Enable the account for FileVault.

When you delete an existing account, you can permanently delete the home directory or specify an archive location.

Administering Local Accounts Using a Policy

Requirements

(macOS 10.14 or later only) To reset an existing account password, the SecureToken for the account must be disabled.

(macOS 10.13 or later only) To enable the account for FileVault, a valid management account with a SecureToken is required to add the new user.

For more information on SecureToken, see Using SecureToken in Apple's Deployment Reference for Mac.

Procedure

  1. Log in to Jamf Pro.

  2. Click Computers at the top of the page.

  3. Click Policies.

  4. Click New images/download/thumbnails/81553194/Icon_New_Button.png .

  5. Use the General payload to configure basic settings for the policy, including the trigger and execution frequency.

  6. Select the Local Accounts payload and click Configure.

  7. Choose an action from the Action pop-up menu.

  8. Configure the action using the options on the pane.

  9. Use the Restart Options payload to configure settings for restarting computers.

  10. Click the Scope tab and configure the scope of the policy.
    For more information, see Scope.

  11. (Optional) Click the Self Service tab and make the policy available in Self Service.
    For more information, see Items Available to Users in Jamf Self Service for macOS.

  12. (Optional) Click the User Interaction tab and configure messaging and deferral options.
    For more information, see User Interaction with Policies.

  13. Click Save images/download/thumbnails/81531754/floppy-disk.png .

The policy runs on computers in the scope the next time they check in with Jamf Pro and meet the criteria in the General payload.

Related Information

For related information, see the following sections in this guide:

  • Smart Groups
    You can create smart computer groups based on local user accounts.

  • About Policies
    Learn the basics about policies.

  • Policy Management
    Find out how to create a policy, view the plan and status of a policy, and view and flush policy logs.

  • Management Accounts
    Find out how to change or reset the management account password, and enable or disable the management account for FileVault.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2020 Jamf. All rights reserved.