Share via

How to block "open anyway" on mac os via intune without removing admin permissions on the machines?

Ismaele Giallombardo 0 Reputation points
2025-01-30T10:55:18.2566667+00:00

Hi, I need to block the installation of custom apps on mac machines, I have them enrolled directly on intune, but I can't remove users from administrators to guarantee various permissions on the cli or on the app permissions.

I have already set the compliance policies that allow the installation of apps only from the app store, but I have that damned "Open Anyway" button that bypasses everything... how can I do it??

Kind Regards

Screenshot 2025-01-30 at 10.32.39

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,570 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Crystal-MSFT 53,086 Reputation points Microsoft External Staff
    2025-01-31T02:08:33.35+00:00

    @Ismaele Giallombardo, Thanks for posting in Q&A. For your issue, you can set "Do not allow user to override Gatekeepe" to yes in endpoint protection to see if it can block.

    https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-protection-macos#gatekeeper

    Hope the above information can help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.