Hi Dear Apple experts,
Appreciated your looking into this!
Here are some questions about managed local admin account on macOS device.
I know we can use AccountConfigurationCommand to create a local managed admin account on macOS device, but it is used only for admin account created during DEP setup phase.
https://developer.apple.com/documentation/devicemanagement/accountconfigurationcommand/command?changes=latest_minor
My questions are:
"GUID
string
(Required)The unique identifier of the local administrator account. If this value doesn't match the GUID of an administrator account that MDM created during Device Enrollment Program (DEP) enrollment, the command returns an error."
Thank you,
Wei
Appreciated your looking into this!
Here are some questions about managed local admin account on macOS device.
I know we can use AccountConfigurationCommand to create a local managed admin account on macOS device, but it is used only for admin account created during DEP setup phase.
https://developer.apple.com/documentation/devicemanagement/accountconfigurationcommand/command?changes=latest_minor
My questions are:
Is there any other way(via MDM command/command-line/...) to create a “MANAGED” local admin account, post DEP setup phase(instead of during DEP setup phase)?
If answer to #1 is “yes”, then can SetAutoAdminPasswordCommand used to change the password of such “managed” local admin account?
"GUID
string
(Required)The unique identifier of the local administrator account. If this value doesn't match the GUID of an administrator account that MDM created during Device Enrollment Program (DEP) enrollment, the command returns an error."
Thank you,
Wei