This guide applies to Mac computers
Available Parameters
Iru Endpoint includes built-in Parameters for common device management tasks. Expand a category below to read more.User Accounts & Authentication
User Accounts & Authentication
- Create User Accounts
Create Standard and Administrator user accounts automatically when a user enrolls a device. - Demote User Accounts to Standard
Demote local administrator accounts to Standard so users keep their accounts but lose admin privileges. - Don’t Allow the Guest User to Log In
Disable the Guest user account on macOS devices.
Filesystem
Filesystem
- Setting umask for All Users
Set default file permissions for all users on the device. - Checking Library and System Folders for World-Writable Files
Scan library and system folders for world-writable files that may pose a security risk.
Auditing & Logging
Auditing & Logging
- Monitor Encryption Status of Time Machine Volumes
Collect and report encryption status for attached Time Machine volumes. - Report User Accounts with FileVault Recovery Keys Escrowed to iCloud
Report which user accounts have FileVault recovery keys escrowed to iCloud.
macOS Applications & Services
macOS Applications & Services
- Restart after X Number of Days of Continuous Uptime
Require devices to restart after a set number of days of uptime.
Enable Parameters in Blueprints
Click Edit Parameters or Add Parameters
Click Edit Parameters or Add Parameters (first-time setup).
To bring in Parameters from another Blueprint instead, choose Import from existing Blueprint, select a Blueprint from the list (use Search Blueprints if needed), then click Import Parameters.
Search for Parameters
Type in the search field to find the Parameters you need. You can narrow results with the Compliance framework dropdown next to it.
Next Steps
After configuring Parameters:Set up enrollment for each platform
Once Blueprints and Parameters are configured, set up enrollment to manage devices: Apple Enrollment, Windows Enrollment, or Android Enrollment.