I don’t believe so, profiles in macOS are applied on a system level and are always enforced. It would be helpful to know what settings you need to “disable” to make changes and then “re-enable” as Meraki doesn’t talk to AD in this way. You mention “a” profile, does this mean you loaded all of the settings/payloads you want into a single mobileconfig profile? If so, you should consider breaking that down into multiple, smaller profiles. For example: I used to have a single profile that enforced the firewall, and set a message at the lock screen with contact info in case the laptop was stolen. For various reasons, I had to uninstall the profile from a user’s Mac to test firewall settings. During that process, the user’s laptop was stolen. It eventually checked into the Meraki portal to report an updated location, but our interaction with the local police dept would have been smoother had the owner contact info been easily visible on the lock screen (which was removed when the profile was uninstalled). Now I have a separate profile for each function, so if I need to remove or update a profile it doesn’t affect multiple settings. Also, because profiles will enforce the setting there are some adjustments that can be made with the defaults command in a script. For example: I want to ensure my Macs are set to Central US time zone during the user provisioning phase, however the user may be traveling and needs the ability to adjust their time zone as needed. So I don’t use a profile, which would always enforce Central US time. I’ll run this: usr/sbin/systemsetup -settimezone "America/Chicago"
... View more