Find My Mac (FMM) is a service from Apple that allows individual iCloud users to locate their devices as long as they are signed in and the device has a valid internet connection. The problem, in enterprise, is we often do not want these services up and running due to security. You can disable the ability to sign into iCloud all together but what if you want to just stop FMM?
It is pretty easy to detect if FMM has been setup with:
/usr/sbin/nvram -x -p | /usr/bin/grep fmm-mobileme-token-FMM
and it’s also pretty easy to disable:
nvram -d fmm-mobileme-token-FMM
However, the above option requires a restart! Users really do not like restarting their computers. Instead you can simply restart the findmydeviced
process. This will properly remove the token and update the System Preference GUI to reflect the change.
nvram -d fmm-computer-name
nvram -d fmm-mobileme-token-FMM
killall -HUP findmydeviced
killall -HUP FindMyMacd
Technically removing the fmm-computer-name
variable and restarting the FindMyMacd
process are not required but for completeness they are shown. Since FindMyMacd obviously has something to do with FMM I would rather restart it just incase Apple changes something in a future release.