authenticate-admin-30

Authorisation Right in macOS

The authenticate-admin-30 authorization right appears in the following versions of macOS.

macOS 10.9 / 10.10 / 10.11 / 10.12 / 10.13

  {
    'allow-root' : 'false',
    'authenticate-user' : 'true',
    'class' : 'user',
    'comment' : 'Like the default rule, but 
              credentials remain valid for only 30 seconds after they\'ve 
              been obtained.  An acquired credential is shared by all clients.',
    'group' : 'admin',
    'session-owner' : 'false',
    'shared' : 'true',
    'timeout' : '30',
    'tries' : '10000'
  }

macOS 10.6 / 10.7 / 10.8

  {
    'class' : 'user',
    'comment' : 'Like the default rule, but 
              credentials remain valid for only 30 seconds after they\'ve 
              been obtained.  An acquired credential is shared by all clients.',
    'group' : 'admin',
    'shared' : 'true',
    'timeout' : '30'
  }

See other macOS Authorization Rights.