Skip to main content

Swif Admin User Behavior on Managed Devices

Updated this week

When devices are managed by Swif.ai, a special administrative account called "Swif admin" is created by default. Its visibility and purpose depend on the device's operating system and ownership type.

macOS

  • Visibility: The Swif admin account is hidden by default.

  • Purpose: Facilitates secure remote management and administrative tasks without interfering with the end-user.

  • Settings: Refer to Managing BYOD Enrollment for macOS in Swif to control the Swif admin behavior. Specifically, setting "Disable device admin user" to enabled to prevent the creation of the Swif admin account.

  • Capabilities: On macOS devices, the Swif admin user is utilized for certain elevated tasks, such as privileged actions for remote management or troubleshooting.

    • ✔ Create or modify user accounts

    • ✔ Reset or change passwords

    • ✔ Retrieve FileVault Disk Encryption (FDE) recovery keys

    • ✔ Secure Token management for account recovery

    • ✔ Run as Swif admin user for a command

Windows

  • Visibility: The Swif admin user is visible by default. On BYOD Windows and Azure-connected device configurations, no Swif admin is created.

  • Purpose: Allows administrators to perform remote administrative operations.

Linux

  • Purpose: Provides a secure and non-intrusive way to perform administrative and remote management tasks.

  • Visibility: The Swif admin account is hidden by default, and can log in to. After a soft wipe, the Swif admin becomes non-hidden and can log in.

  • Automatic Swif Admin Password Enforcement on Linux Devices

    On Linux devices managed by Swif.ai, the Swif Admin (swifteam) account password is automatically monitored and enforced to match the value stored on the Swif MDM server.

    • Routine Checks:
      The Swif agent routinely checks if the local Swif Admin password matches the server’s record.

    • Automatic Reset:
      If the password is changed locally (outside of Swif), the agent will automatically reset it to the server’s value. If a password history policy is enforced, a new compliant password will be generated and set both on the device and in the server.

    • No User Alert:
      This process is silent—no user notification or UI alert is shown on Linux devices.

    • Reporting:
      Any detected password change is reported to the MDM server, allowing administrators to review these events in the Swif Web App.

    • Policy Compliance:
      Password resets respect any configured password policies, including history and complexity requirements.

    Note:
    This behavior ensures that the Swif Admin account remains secure and consistent across all managed Linux devices, with no manual intervention required from end users.

  • Settings: The Swif admin can be managed based on device ownership. For detailed instructions, see Managing the Swif Admin User on Linux (BYOD and Non-BYOD).

Company-Owned vs. BYOD Devices

  • Company-Owned Devices: Swif admin accounts are created by default to ensure seamless remote administration.

  • BYOD Devices: Swif admin accounts may be disabled or hidden based on specific enrollment settings, respecting user privacy and device ownership.

Did this answer your question?