Easily assign macOS computers to a BeyondTrust Endpoint Privilege Management High, Medium or Low Workstyle Flexibility via a Jamf Pro Script Parameter
While BeyondTrust Endpoint Privilege Management for Windows policy Workstyles can be filtered based on Microsoft Entra ID groups — as of this writing — macOS policy Workstyles cannot.
For macOS, each users’ account must be added to an existing local group for every Mac in your fleet.
I love your work, Dan. Pertinent and insightful information, as always.
This was a great read as always Dan.
Great work and article. I typically do not recommend managing Low Flex users as they are typically 90-95% of all users. leaving you just to manage the 5-10% of Medium and High Flex users, the rest default to Low flex as they are not a member of the Admin GroupID 80 or Builtin/Administrators. This ensure that if the client is install the least privileged policy will apply.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
