The payload that configures mobile accounts on the device.
| Setting | Type | Required | Default | Manual Install | Supported OS |
|---|---|---|---|---|---|
com.apple.cachedaccounts.CreateAtLogin com.apple.cachedaccounts.CreateAtLogin If `true`, the system creates the mobile account at login time. | boolean | optional | false | ✓Yes | macOS (10.7+) |
com.apple.cachedaccounts.WarnOnCreate com.apple.cachedaccounts.WarnOnCreate If `true`, the system asks the user whether to create the mobile account and it allows the user to not create it. | boolean | optional | false | ✓Yes | macOS (10.7+) |
cachedaccounts.WarnOnCreate.allowNever cachedaccounts.WarnOnCreate.allowNever If `true`, the system allows the user to stop the prompts about mobile account creation every time the user logs in. This key is only valid if `com.apple.cachedaccounts.WarnOnCreate` is `true`. | boolean | optional | false | ✓Yes | macOS (10.7+) |
cachedaccounts.expiry.delete.disusedSeconds cachedaccounts.expiry.delete.disusedSeconds The minimum number of seconds a mobile account can exist before the system makes an automatic attempt to remove the mobile account. Set to `0` to attempt removing it at the next login or logout. Set to `-1` to never attempt removing the mobile account. | integer | optional | -1 | ✓Yes | macOS (10.7+) |
cachedaccounts.askForSecureTokenAuthBypass cachedaccounts.askForSecureTokenAuthBypass If `true`, the system bypasses the secure token authorization dialog. This dialog only appears on APFS volumes. | boolean | optional | false | ✓Yes | macOS (10.7+) |
Explore the full catalogue of Apple Mobile Device Management (MDM) and Declarative Device Management (DDM) policies for macOS and iOS. Search, filter, and reference policy keys for use with Microsoft Intune, Jamf, or any standards-compliant MDM solution.
com.apple.wifi.managed – Wi-Fi network configurationcom.apple.vpn.managed – VPN configurationcom.apple.applicationaccess – App and feature restrictionscom.apple.security.pkcs1 – Certificate (PKCS#1) payloadcom.apple.security.pkcs12 – Identity certificate (PKCS#12) payloadcom.apple.security.scep – SCEP certificate enrolmentcom.apple.mail.managed – Mail account configurationcom.apple.eas.account – Exchange ActiveSync accountcom.apple.MCX – Managed Client (macOS) preferencescom.apple.MCX.FileVault2 – FileVault 2 disk encryptioncom.apple.dock – macOS Dock configurationcom.apple.screensaver – Screensaver configurationcom.apple.loginwindow – macOS login window configurationcom.apple.systempolicy.managed – Gatekeeper / system policycom.apple.systempreferences – System Preferences pane restrictionscom.apple.SoftwareUpdate – Software update behaviourcom.apple.TCC.configuration-profile-policy – Privacy Preferences Policy Control (PPPC)com.apple.notificationsettings – Per-app notification settingscom.apple.webcontent-filter – Web content filtercom.apple.dnsSettings.managed – DNS settings (DoH / DoT)com.apple.relay.managed – Network relay configurationcom.apple.extensiblesso – Extensible Single Sign-Oncom.apple.configuration.passcode.settings – DDM: passcode policycom.apple.configuration.softwareupdate.enforcement.specific – DDM: enforced software updatecom.apple.configuration.services.configuration-files – DDM: service configuration filescom.apple.configuration.management.status-subscriptions – DDM: status subscriptionscom.apple.activation.simple – DDM: simple activation predicatecom.apple.management.organization-info – DDM: organization information