Disable Power Nap

What the Power Nap Disabler does

This Automox Worklet™ disables Power Nap on macOS endpoints. Power Nap is a macOS feature that allows the system to wake from sleep to perform background tasks such as mail fetching, calendar updates, and backup operations.

The Worklet uses the pmset command to query and disable Power Nap across all power settings. It detects whether Power Nap is currently enabled by checking the system's power management configuration, then applies the necessary changes to prevent unwanted wake events.

Why disable Power Nap on your network

Power Nap creates a significant security concern in restricted network environments. When a Mac wakes from sleep, it becomes vulnerable to network-based attacks and can bypass physical security controls that depend on the endpoint remaining asleep.

Organizations enforcing strict endpoint sleep policies benefit from disabling Power Nap to maintain consistent security baselines. This prevents unexpected network activity, reduces attack surface, and ensures endpoints honor your organization's power management standards.

How Power Nap disabling works

1. Evaluation phase: The Worklet checks the current power settings using the pmset command to determine whether Power Nap is enabled on any power configuration. It counts instances of 'powernap 1' in the system's power management settings.

2. Remediation phase: If Power Nap is found enabled, the Worklet disables it by running pmset -a powernap 0. This command applies the setting across all power modes on the endpoint.

Power Nap disabling requirements

• macOS endpoint with Power Nap capability (most modern Macs support this feature)

• Administrative or root privileges to modify system power settings

• Access to the pmset command-line utility

Expected Power Nap behavior after remediation

After the Worklet runs successfully, Power Nap is disabled across all power settings on the endpoint. The Mac will no longer wake automatically to perform background tasks like mail synchronization, calendar updates, or system backups while in sleep mode.

You can verify the change by running pmset -g everything and confirming that 'powernap 1' does not appear in the output. Subsequent Worklet runs will confirm compliance, as the Worklet recognizes Power Nap is already disabled and requires no further action.

How to validate disable power nap changes

1. Run this Worklet on a pilot macOS endpoint and review evaluation output for disable power nap.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as else, exit.

4. Validate remediation effects from script operations such as else, pmset, exit, then rerun evaluation for compliance.

For technical validation, compare endpoint state to the Worklet evaluation logic and remediation flow for disable power nap. This supports repeatable security workflows, faster change control review, and auditable compliance evidence.

Useful script references for this Worklet include evaluation operations such as else, exit and remediation operations such as else, pmset, exit. Use these indicators to verify that endpoint changes match intended policy outcomes.

For technical validation, compare endpoint state to the Worklet evaluation logic and remediation flow for disable power nap. This supports repeatable security workflows, faster change control review, and auditable compliance evidence.

Useful script references for this Worklet include evaluation operations such as else, exit and remediation operations such as else, pmset, exit. Use these indicators to verify that endpoint changes match intended policy outcomes.