Category Filter

How to add Admin account on macOS devices

An administrator account has complete access to everything on the Mac, including installing software updates, installing/uninstalling applications, accessing and deleting system files, and performing other administrative tasks. An admin user in a macOS device can add and manage other users and change system settings. Hexnode lets your organization add an admin account for macOS devices enrolled via Apple Business Manager.

Notes:

Enroll the macOS devices via Apple Business Manager to add admin users.
This feature works on macOS 10.11 or higher versions
This feature is available only on the Ultra subscription edition.

Jump To

Add administrator user account on macOS devices
What happens at the device end?

Add administrator user account on macOS devices

The macOS device enrolled via Apple Business Manager can be viewed in the DEP Devices list. We can add admin users by configuring DEP Configuration Profiles.

On your Hexnode portal, go to Enroll > Platform-Specific and under macOS, click on Apple Business/School Manager.
Under DEP Devices, you can see the enrolled macOS devices. Click on DEP Configuration Profiles to configure DEP policies.
Click on Configure DEP Profile to create a new DEP policy. You can also edit the existing DEP profiles by clicking on them. Give a suitable name for the DEP Policy.
Check the Configure user accounts option.

You will have the following options to configure.

Add administrator user account on macOS devices enrolled via Apple Business Manager in Hexnode MDM

Setup new account as	Administrator
Full name	Enter the name of the administrator. You can use wildcards in this field.
Account name	You can use either “Full name” or “Account name” to log in to your Mac. The ‘Account name’ will be used as the name for your home folder. Enter the name of the Administrator. It supports the use of wildcards.
Password	Enter a password for the user account. It also supports the use of wildcards. However, the wildcards would be hidden under an asterisk. Click on the eye icon to view.
Hide account from Login Window and Users & Groups	If enabled, the account will be hidden from System Preferences > Users & Groups on your Mac device. Enabling this option will also hide the account name and only display the password prompt on the login window.

Click on Save to save the policy.
Associate the DEP Policy with the macOS device to add the admin user.

What happens at the device end?

After this policy is associated, your managed devices will automatically have the admin account configured on the system. The policy gets applied when the device connects to the internet during the Setup Assistant steps.

The admin account will be shown or hidden on the Login window depending on your settings. If the account is hidden from the Login window, you can sign-in to the admin account from the Login window by click on any user account and pressing the option + return key combination. Then, on the same screen, you can type in the admin account name or full name followed the corresponding password to login to the admin account.

Need more help?

Raise a Ticket

Ask Community

Chat With Us