06-24-2022 02:28 PM
Do you have a local admin user that you don't want to show up on the login list? Or perhaps you don't want the admin users to appear when you log into a user machine? Well, worry not. For once, Apple's got this covered. For those using a profile creator, this is under the Login Window system domain.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>HiddenUsersList</key>
<array>
<string>hidethislocaluser</string>
</array>
<key>HideAdminUsers</key>
<true/>
<key>PayloadDisplayName</key>
<string>Loginwindow</string>
<key>PayloadIdentifier</key>
<string>com.apple.loginwindow.0B513E4B-FBE8-44E2-9276-616327C8AF48</string>
<key>PayloadType</key>
<string>com.apple.loginwindow</string>
<key>PayloadUUID</key>
<string>0B513E4B-FBE8-44E2-9276-616327C8AF48</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>SHOWOTHERUSERS_MANAGED</key>
<true/>
</dict>
</array>
<key>PayloadDescription</key>
<string>Test profile for hidden user logins.</string>
<key>PayloadDisplayName</key>
<string>LoginWindow</string>
<key>PayloadIdentifier</key>
<string>com.nunya.bizniss.randomhexDf87ff</string>
<key>PayloadOrganization</key>
<string>Nunya Inc</string>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>078A2261-6B7A-403A-B34C-D2BCB9F729A5</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>TargetDeviceType</key>
<integer>5</integer>
</dict>
</plist>
Options I like to enable as well:
- Show user name and password fields instead of list:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>AdminHostInfo</key>
<string>hostname</string>
<key>HiddenUsersList</key>
<array>
<string>hidethislocaluser</string>
</array>
<key>PayloadDisplayName</key>
<string>Loginwindow</string>
<key>PayloadIdentifier</key>
<string>com.apple.loginwindow.0B513E4B-FBE8-44E2-9276-616327C8AF48</string>
<key>PayloadType</key>
<string>com.apple.loginwindow</string>
<key>PayloadUUID</key>
<string>3DA60F9D-2CE1-4988-AB7E-093E04A468C7</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>SHOWFULLNAME</key>
<true/>
</dict>
</array>
<key>PayloadDescription</key>
<string>Test profile for hidden user logins.</string>
<key>PayloadDisplayName</key>
<string>LoginWindow</string>
<key>PayloadIdentifier</key>
<string>com.nunya.bizniss.randomhexDf87ff</string>
<key>PayloadOrganization</key>
<string>Nunya Inc</string>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>005935DC-5A69-49A7-90D3-F6DDB1985C97</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>TargetDeviceType</key>
<integer>5</integer>
</dict>
</plist>
Happy hiding!
06-27-2022 01:30 PM
This is nice if you need to target certain accounts. Otherwise, couldn't you just use the JC policy to display username/password on login?
06-29-2022 03:12 PM
I do, but for BYOD devices, I like to have this covered if they want the list instead.
New to the site? Take a look at these additional resources:
Ready to join us? You can register here.