Intune Policy to Disable Touch ID for Unlock Mac Device

This post covers the Intune Policy to disable Touch ID for Unlock Mac Devices. macOS allows users to use Touch ID to unlock their Mac, Disabling Touch ID may be a preference for prioritizing privacy and security.

Touch ID is a fingerprint recognition feature designed that allows users to unlock devices, Touch ID doesn’t store any images of your fingerprint and instead only relies on a mathematical representation. It isn’t possible for someone to reverse engineer your actual fingerprint image from this stored data.

Biometric authentication, such as Touch ID, improves the user experience by offering a quick and effortless way to unlock the device. Disable Touch ID for unlocking a Mac depends on your specific security requirements and user preferences. It’s important to be aware of potential security considerations.

There are various Mac device restriction settings offered by Intune, configure the Restrictions payload to enable or disable features on devices. These configurations can prevent users from accessing a specific app, service or function on enrolled devices.

Patch My PC

Intune Policy to Disable Touch ID for Unlock Mac Device

You need to use macOS configuration profiles or Shell scripts for macOS-specific configurations, including disabling Touch ID. By following these steps, you can use the Intune Policy to Disable Touch ID for Unlock Mac Device.

  • Open the Microsoft Intune Admin Center https://intune.microsoft.com/ portal from any browser. Enter the User Name and password to log in.
  • Select Devices > macOS > Configuration profiles under macOS policies, and click + New Policy. You can now able to Import and Export Settings Catalog Policy from the Intune Admin Center, by clicking Import Policy.
Intune Policy to Disable Touch ID for Unlock mac Device Fig.1
Intune Policy to Disable Touch ID for Unlock mac Device Fig.1

In Create Profile, Select macOS in Platform, and Select Profile Type as Settings Catalog. Click on the Create  button.

Adaptiva
Intune Policy to Disable Touch ID for Unlock mac Device Fig.2
Intune Policy to Disable Touch ID for Unlock mac Device Fig.2

In Basics, enter a descriptive name for the policy. Name your policies so you can easily identify them later. Enter a description for the policy. This setting is optional, but recommended. Select Next.

Intune Policy to Disable Touch ID for Unlocking mac Device Fig.3
Intune Policy to Disable Touch ID for Unlock mac Device Fig.3

On the macOS Configuration settings tab, With the settings catalog, you can choose which settings you want to configure. Click on Add Settings to browse or search the catalog for the settings you want to configure.

Search for “Allow Fingerprint for unlock” or “Fingerprint for unlock”. Select the Restrictions settings from Allow Fingerprint For Unlock from the search result.

Intune Policy to Disable Touch ID for Unlocking mac Device Fig.3
Intune Policy to Disable Touch ID for Unlock mac Device Fig.3

By default, the OS might allow users to unlock the device using a fingerprint. The next step is to toggle the Allow Fingerprint For Unlock to Flase switch. If false, prevent Touch ID or Face ID from unlocking a device. Available in iOS 7 and later, and macOS 10.12.4 and later and click on Next.

Intune Policy to Disable Touch ID for Unlocking mac Device Fig.4
Intune Policy to Disable Touch ID for Unlock mac Device Fig.4

Next, in Assignments, in Included Groups, you need to click on Add Groups, choose Select Groups to include one or more groups to target the macOS restriction policy, and click Next to continue.

In Review + create, review your settings. When you select Create, your changes are saved, and the profile is assigned.

Intune Policy to Disable Touch ID for Unlocking mac Device Fig.5
Intune Policy to Disable Touch ID for Unlock mac Device Fig.5

A notification will appear automatically if you see it in the top right-hand corner. You can see that the Policy “Disable Touch ID for Unlocking mac Device” was created successfully. The policy is also shown in the Configuration profiles list.

Intune Policy to Disable Touch ID for Unlocking mac Device Fig.6
Intune Policy to Disable Touch ID for Unlocking mac Device Fig.6

Monitor Intune Policy to Disable Touch ID for Unlocking Mac Device

Once the Intune macOS restriction policy is deployed to macOS devices, it will take some time to apply, You can get the deployment status on the list of targeted devices by clicking on profile inside macOS > Configuration profiles.

Intune Policy to Disable Touch ID for Unlocking mac Device Fig.7
Intune Policy to Disable Touch ID for Unlocking mac Device Fig.7

Note! Before deploying profiles in large groups or production, It’s always important to test any configuration changes or scripts in an environment with limited sets of devices before deploying to production devices.

Once the user successfully log in to the macOS device, you can follow the steps below to check the profile status. The specific settings and options might vary based on the version of macOS you are using. You can also initiate the manual sync to speed up if the profile is not received.

  • Click on the Apple icon at the top-left corner and select System Settings from the list of options.
  • Search for Privacy & Security, and look to find out the settings.

We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.

Author

About Author – JiteshMicrosoft MVP, has over six years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10/11 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.