When devices are managed by Swif.ai, a special administrative account called "Swif admin" is created by default. Its visibility and purpose depend on the device's operating system and ownership type.
macOS
Visibility: The Swif admin account is hidden by default.
Purpose: Facilitates secure remote management and administrative tasks without interfering with the end-user.
Settings: Refer to Managing BYOD Enrollment for macOS in Swif to control the Swif admin behavior. Specifically, setting "Disable device admin user" to enabled to prevent the creation of the Swif admin account.
Capabilities: On macOS devices, the Swif admin user is utilized for certain elevated tasks, such as privileged actions for remote management or troubleshooting.
✔ Create or modify user accounts
✔ Reset or change passwords
✔ Retrieve FileVault Disk Encryption (FDE) recovery keys
✔ Secure Token management for account recovery
✔ Run as Swif admin user for a command
Windows
Visibility: The Swif admin user is visible by default. On BYOD Windows and Azure-connected device configurations, no Swif admin is created.
Purpose: Allows administrators to perform remote administrative operations.
Linux
Visibility: The Swif admin account is hidden by default.
Purpose: Provides a secure and non-intrusive way to perform administrative and remote management tasks.
Settings: The Swif admin can be managed based on device ownership. For detailed instructions, see Managing the Swif Admin User on Linux (BYOD and Non-BYOD).
Company-Owned vs. BYOD Devices
Company-Owned Devices: Swif admin accounts are created by default to ensure seamless remote administration.
BYOD Devices: Swif admin accounts may be disabled or hidden based on specific enrollment settings, respecting user privacy and device ownership.