Block account modification on Mac devices

  • Updated on Feb 12, 2026
  • Published on Aug 14, 2024
  • 1 minute(s) read
Prev Next

The following Payload helps IT Admins block modifications of Apple ID on macOS Devices. Please note that it works from macOS 14 onwards, and it won't log out already logged-in Apple IDs.

  1. Copy the contents below directly and add them to Apple Configurations > Custom Configurations for Mac, or click here to download the file and import it.

  2. Follow our guide on how to add the Custom Payload in the Apple Configurations & deploy it to devices.

    <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDisplayName</key>
			<string>Restrictions</string>
			<key>PayloadIdentifier</key>
			<string>com.apple.applicationaccess.34F2C458-4633-4DC1-9F9C-B09F5FD5A460</string>
			<key>PayloadType</key>
			<string>com.apple.applicationaccess</string>
			<key>PayloadUUID</key>
			<string>34F2C458-4633-4DC1-9F9C-B09F5FD5A460</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>allowAccountModification</key>
			<false/>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>This will disable Account Modification from macOS 14 onwards</string>
	<key>PayloadDisplayName</key>
	<string>Disable Account Modification</string>
	<key>PayloadIdentifier</key>
	<string>com.promobitech.scalefusion.C15E6ABB-9C27-44B8-9218-C929664991A0</string>
	<key>PayloadOrganization</key>
	<string>Scalefusion</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>D22DB5F0-503E-44B0-A061-66B1C16F620F</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

  3. On the device, the Apple ID section in System settings will be restricted as shown in the image below.

Note:

  1. The Payload and its contents are sourced from various albeit authenticated Apple Developer communities and forums.

  2. Please validate them on a test machine before deploying them on all your managed devices.

  3. Scalefusion has tested these Payloads, however, Scalefusion will not be responsible for any loss of data or system malfunction that may arise due to the incorrect usage of these payloads.