Category filter
Configuration profile to manage access to iCloud services on Mac
The configuration profile provided in this document helps organizations manage access to the iCloud services on Mac.
Setting up iCloud on your Apple devices lets users sync and store files, documents, and folders in the cloud. Once logged in to iCloud, the devices can also be allowed access to other services that rely on iCloud, for instance, iCloud Mail services, iCloud Notes services, etc. Admins can enable/disable these services to customize the way users access apps and data through them. You can use a configuration profile to restrict/allow different iCloud services on the devices. Through Hexnode UEM, admins can deploy configuration files to remote macOS devices using the Deploy Custom Configuration policy.
The sample configuration profiles provided below are created using various profile creator applications.
Restrict iCloud services on Mac
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadContent</key> <array> <dict> <key>PayloadDescription</key> <string></string> <key>PayloadDisplayName</key> <string>Restrictions</string> <key>PayloadEnabled</key> <true/> <key>PayloadIdentifier</key> <string>9D267E54-297A-42E0-973E-A4207AFFC7FB</string> <key>PayloadType</key> <string>com.apple.applicationaccess</string> <key>PayloadUUID</key> <string>9D267E54-297A-42E0-973E-A4207AFFC7FB</string> <key>PayloadVersion</key> <integer>1</integer> <key>allowCloudCalendar</key> <false/> </dict> </array> <key>PayloadEnabled</key> <true/> <key>PayloadIdentifier</key> <string>F6C86CF1-5B68-433D-88A9-ACB6B73CBC44</string> <key>PayloadRemovalDisallowed</key> <false/> <key>PayloadScope</key> <string>System</string> <key>PayloadType</key> <string>Configuration</string> <key>PayloadUUID</key> <string>F6C86CF1-5B68-433D-88A9-ACB6B73CBC44</string> <key>PayloadVersion</key> <integer>1</integer> </dict> </plist> |
Replace allowCloudCalendar with the required key to disable the corresponding iCloud service. You can disable multiple iCloud services through a single configuration file by adding multiple keys. Use the following keys for Mac:
| Key | Value | Supported Versions | Description |
|---|---|---|---|
| allowCloudAddressBook | Boolean | 10.12+ | If set to false, the key will will help you disable the iCloud Address Book services. |
| allowCloudBookmarks | Boolean | 10.12+ | If set to false, the key will help you disable iCloud Bookmark sync. |
| allowCloudCalendar | Boolean | 10.12+ | If set to false, the option will help you disable iCloud Calendar services. |
| allowCloudDocumentSync | Boolean | 10.11+ | If set to false, the option will help you disable document and key-value syncing to iCloud |
| allowCloudKeychainSync | Boolean | 10.12+ | If set to false, the option helps you disable iCloud keychain synchronization |
| allowCloudMail | Boolean | 10.12+ | If set to false, the option helps you disable iCloud Mail services |
| allowCloudNotes | Boolean | 10.12+ | If set to false, the option helps you disable iCloud Notes services. |
| allowCloudPhotoLibrary | Boolean | 10.12+ | If set to false, the option will help you disable iCloud Photo Library. |
| allowCloudReminders | Boolean | 10.12+ | If set to false, the system disables iCloud Reminder services. |
What happens at the device end?
The corresponding iCloud services mentioned in the custom configuration file with the value set as false will be disabled. Navigate to Internet Accounts > iCloud to verify the iCloud services permitted.
For instance,
- restricting the iCloud Address Book services disables the Contacts toggle button.
- disabling iCloud Bookmark sync disables the Safari toggle button.
- blocking iCloud Calendar services disables the the Calendars option.
- preventing document and key-value syncing to iCloud disables the iCloud Drive option.
- restricting iCloud keychain synchronization disables the Keychain option.
- disabling iCloud Mail services disables the Mail option.
- blocking iCloud Notes services disables the Notes option.
- preventing iCloud Photo Library disables the Photos option.
- restricting iCloud Reminder services disables the Reminders option.
The user will not be able to configure these settings any further. Only after removing the policy from the device the user will be allowed to manually configure the disabled settings.
