{"id":75453,"date":"2023-06-05T13:09:04","date_gmt":"2023-06-05T17:09:04","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&p=75453"},"modified":"2024-04-11T14:11:56","modified_gmt":"2024-04-11T18:11:56","slug":"grant-full-disk-access-permissions-to-the-jumpcloud-agent-for-macos","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/grant-full-disk-access-permissions-to-the-jumpcloud-agent-for-macos","title":{"rendered":"Grant Full Disk Access Permissions to the JumpCloud Agent for macOS"},"content":{"rendered":"\n

Starting with macOS Monterey, Apple has made a change that affects JumpCloud and JumpCloud IT Admins. Apple now restricts the \/etc\/pam.d\/<\/kbd> directory on macOS Monterey and newer devices, and requires that any process that wants to edit the files in this directory have user consent, or consent supplied by their admin through an MDM profile.<\/p>\n\n\n\n

The files in the \/etc\/pam.d\/<\/kbd> directory control a part of the macOS authentication system called pluggable authentication modules. JumpCloud\u2019s login window mechanism is an example of a pluggable authentication module. The JumpCloud agent edits the authorization and screensaver settings files to use the JumpCloud authentication module, which allows your user passwords to be synced to the machine. <\/p>\n\n\n\n

Preparing for this Change<\/h2>\n\n\n\n