The payload that configures lights-out management (LOM) settings.
| Setting | Type | Required | Default | Manual Install | Supported OS |
|---|---|---|---|---|---|
Device Certificate payload UUID DeviceCertificateUUID The UUID certificate for the device. This key indicates the device can receive `PowerON`, `PowerOFF`, and `Reset` requests from a LOM controller. This certificate must contain the Key Usage attributes of Digital Signature, Key Encipherment and Data Encipherment. As well as the Extended Key Usage attributes of Server Authentication and Client Authentication. | string | optional | — | ✗No | macOS (11.0+) |
Controller Certificate payload UUID ControllerCertificateUUID The UUID certificate for the LOM controller. This key configures the device to accept the `LOMDeviceRequestCommand` from MDM and then send it to the target device. | string | optional | — | ✗No | macOS (11.0+) |
CA certificate payload UUIDs DeviceCACertificateUUIDs An array of payload UUIDs containing CA certificates that controllers use to evaluate trust of device certificates. 1 subkey | array | optional | — | ✗No | macOS (11.0+) |
└─ DeviceCACertificateUUIDsItem DeviceCACertificateUUIDsItem | string | — | ✗No | macOS (11.0+) | |
CA certificate payload UUIDs ControllerCACertificateUUIDs An array of payload UUIDs containing CA certificates that devices use to evaluate trust of controller certificates.
This key configures the device to accept the `LOMDeviceRequestCommand` from MDM and then send it to the target device. This certificate must contain the Key Usage attributes of Digital Signature, Key Encipherment and Data Encipherment. As well as the Extended Key Usage attributes of Server Authentication and Client Authentication. 1 subkey | array | optional | — | ✗No | macOS (11.0+) |
└─ ControllerCACertificateUUIDsItem ControllerCACertificateUUIDsItem | string | — | ✗No | macOS (11.0+) |
Explore the full catalogue of Apple Mobile Device Management (MDM) and Declarative Device Management (DDM) policies for macOS and iOS. Search, filter, and reference policy keys for use with Microsoft Intune, Jamf, or any standards-compliant MDM solution.
com.apple.wifi.managed – Wi-Fi network configurationcom.apple.vpn.managed – VPN configurationcom.apple.applicationaccess – App and feature restrictionscom.apple.security.pkcs1 – Certificate (PKCS#1) payloadcom.apple.security.pkcs12 – Identity certificate (PKCS#12) payloadcom.apple.security.scep – SCEP certificate enrolmentcom.apple.mail.managed – Mail account configurationcom.apple.eas.account – Exchange ActiveSync accountcom.apple.MCX – Managed Client (macOS) preferencescom.apple.MCX.FileVault2 – FileVault 2 disk encryptioncom.apple.dock – macOS Dock configurationcom.apple.screensaver – Screensaver configurationcom.apple.loginwindow – macOS login window configurationcom.apple.systempolicy.managed – Gatekeeper / system policycom.apple.systempreferences – System Preferences pane restrictionscom.apple.SoftwareUpdate – Software update behaviourcom.apple.TCC.configuration-profile-policy – Privacy Preferences Policy Control (PPPC)com.apple.notificationsettings – Per-app notification settingscom.apple.webcontent-filter – Web content filtercom.apple.dnsSettings.managed – DNS settings (DoH / DoT)com.apple.relay.managed – Network relay configurationcom.apple.extensiblesso – Extensible Single Sign-Oncom.apple.configuration.passcode.settings – DDM: passcode policycom.apple.configuration.softwareupdate.enforcement.specific – DDM: enforced software updatecom.apple.configuration.services.configuration-files – DDM: service configuration filescom.apple.configuration.management.status-subscriptions – DDM: status subscriptionscom.apple.activation.simple – DDM: simple activation predicatecom.apple.management.organization-info – DDM: organization information