The Restrictions payload allows you to prevent end users from accessing device functionality. For example, you can add a restriction to prevent end users from using the camera or using AirDrop to send files to other nearby devices.
Note:
Some functionality cannot be restricted on personally owned devices. For example, you can restrict the camera and screenshots on institutionally owned devices, but you cannot do so on personally owned devices.
In Jamf Pro, click Devices in the sidebar.
Click Configuration Profiles in the sidebar.
Click New .
In the General payload, enter a name for the profile and configure other settings on the pane as needed.
Under the Restrictions payload, click Functionality.
Use the switch on the right side of the page to select the restrictions you would like to apply, and choose Restrict or Allow for each restriction you have selected.
Note:
Keep the following in mind when restricting functionality for mobile devices:
Certain restrictions require supervision. You can filter your results by using the iOS, tvOS, and Supervised filter buttons at the top of the page to filter out restrictions that do not require supervision.
You can use the Modifying account settings restriction to prevent changes to the Apple Account settings, Mail accounts, Messages, FaceTime, and others. Jamf recommends applying the restriction during enrollment to prevent end users from signing in to the device with a personal Apple Account.
The Modifying passcode and Modifying account settings restrictions do not restrict Assistive Access.
Click the Scope tab and configure the scope of the configuration profile.
Click Save .
The profile is distributed to the devices in the scope. If a device has two or more configuration profiles with restrictions, it will accept the most restrictive settings.