Skip to main content

datajar.mobi Local Admin Rights Management

  • Updated

Introduction

This Knowledge Base Article is intended for datajar.mobi technical contacts.

It is possible for datajar.mobi to provide a Self Service solution for end users to promote themselves and to become a local administrator on their macOS device.

This process will make the policy available to all local users on that specific device.

Process to Enable End User Promotion

You have two options to enable the promotion process for an end user:

1) Log a ticket with dataJAR support, providing the device name or serial number, requesting that you would like to allow the specific device the ability to promote users to a local administrator. 

2) If you have access to the dataJAR Simplified Management App, you can enable the policy by checking the "Allow Admins" tickbox.

image.png

More information on the Simplified Management App can be found here.

 

End-User Process

Once this has been enabled, users should use the Self Service policy to promote themselves to a local administrator.

1) Launch the Self Service Application from the Dock (if present) or your Application Folder

Screenshot_2019-07-04_at_12.34.35.png

2) Find the policy "Policy - Make Admin" and click the "Admin Rights" button

Screenshot_2019-07-04_at_12.40.06.png

3) This will promote the currently logged-in user and provide them with local admin rights, then request a logout

4) Save and quit your work and logout

5) After logging back in the process is complete

Note: This process will work for all users on an enabled device

 

Process to Demote Local Users

It's also possible to demote all local users (except for service accounts) and remove their local admin rights as they log in.

You have two options to enable the demotion process for an end user:

1) Log a ticket with dataJAR support, providing the device name or serial number, requesting that you would like to allow the specific device to demote any logging in users to remove their local admin rights.

2) If you have access to the dataJAR Simplified Management App, you can enable the process by unchecking the "Allow Admins" tickbox.

image.png

More information on the Simplified Management App can be found here.

End-User Process

As a user logs in, they will be automatically demoted and have their local admin rights removed on this specific device, with the exception of local service account/s

If you require further assistance or support, please contact our support team. 

Related articles