Hello everyone, After spending hours digging through forums trying to find a reliable way to fully automate the AVID NEXIS Client Manager installation on macOS, I’m sharing this step-by-step guide to save others the same trouble I went through.Unfortunately, Avid doesn't provide much help on this topic, so I hope this helps streamline your deployment.I’m aware that this isn’t the most secure or ideal approach, and there’s definitely room for improvement — but it works for us.If you have suggestions or improvements, feel free to share!If this can help new Mac admins or anyone else, all the better! Useful resources I consulted: Managing Legacy Kernel Extensions in macOS Using Jamf Pro - Technical Articles | Jamf System extensions in macOS - Apple Support (CA) System Security Prerequisites Before any installation, it's critical to adjust macOS security settings to allow the required kernel extensions for AVID NEXIS to load properly. For Apple Silicon Macs (M1/M2/M3):Boot into recovery mode, open the Startup Security Utility, and: Set security to "Reduced Security" Check "Allow user management of kernel extensions from identified developers" For Intel Macs:Boot into recovery mode and run the following command in Terminal to disable SIP: csrutil disable These steps are required to enable the system to load the necessary kernel extensions. PPPC Configuration App Identifier to allow: Bundle ID: com.avid.AvidNEXISClientManager Code requirement: anchor apple generic and identifier "com.avid.AvidNEXISClientManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4UYUA773XD") Services That Can Be Preapproved (No User Interaction Needed) You can preauthorize the following services via a configuration profile to avoid user prompts during AVID NEXIS usage.Choose what’s relevant for your environment: SystemPolicyNetworkVolumes FileProviderPresence SystemPolicyDocumentsFolder MediaLibrary SystemPolicyDesktopFolder SystemPolicyRemovableVolumes SystemPolicyDownloadsFolder Accessibility SystemPolicyAllFiles KEXT: Kernel Extension Approval Information required for your configuration profile: Developer Name: Avid Technology Inc Team ID: 4UYUA773XD Kernel extensions to approve: Display Name Bundle Identifier AvidNEXIS com.avid.filesystems.AvidNEXIS AvidUnityISIS com.avid.filesystems.AvidUnityISIS (Optional: Only approve specific bundles as needed.) Deployment Steps Deploy the AVID NEXIS client installer PKG using Jamf or your preferred tool. Run a license/configuration copy script, if required. Reboot the machine with kext cache rebuild (no delay). KEXT Local Path Identifier: com.avid.filesystems.AvidUnityISIS Path: /Library/Extensions/AvidUnityISIS.kext

Automation Guide: AVID NEXIS Client Manager on macOS intel / silicon

Hello everyone,

After spending hours digging through forums trying to find a reliable way to fully automate the AVID NEXIS Client Manager installation on macOS, I’m sharing this step-by-step guide to save others the same trouble I went through.
Unfortunately, Avid doesn't provide much help on this topic, so I hope this helps streamline your deployment.
I’m aware that this isn’t the most secure or ideal approach, and there’s definitely room for improvement — but it works for us.
If you have suggestions or improvements, feel free to share!
If this can help new Mac admins or anyone else, all the better!

Useful resources I consulted:

System Security Prerequisites

Before any installation, it's critical to adjust macOS security settings to allow the required kernel extensions for AVID NEXIS to load properly.

For Apple Silicon Macs (M1/M2/M3):
Boot into recovery mode, open the Startup Security Utility, and:

Set security to "Reduced Security"
Check "Allow user management of kernel extensions from identified developers"

For Intel Macs:
Boot into recovery mode and run the following command in Terminal to disable SIP:

csrutil disable

These steps are required to enable the system to load the necessary kernel extensions.

PPPC Configuration

App Identifier to allow:

Bundle ID: com.avid.AvidNEXISClientManager

Code requirement:

anchor apple generic and identifier "com.avid.AvidNEXISClientManager" and

(certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or

certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and

certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and

certificate leaf[subject.OU] = "4UYUA773XD")

Services That Can Be Preapproved (No User Interaction Needed)

You can preauthorize the following services via a configuration profile to avoid user prompts during AVID NEXIS usage.
Choose what’s relevant for your environment:

SystemPolicyNetworkVolumes
FileProviderPresence
SystemPolicyDocumentsFolder
MediaLibrary
SystemPolicyDesktopFolder
SystemPolicyRemovableVolumes
SystemPolicyDownloadsFolder
Accessibility
SystemPolicyAllFiles

KEXT: Kernel Extension Approval

Information required for your configuration profile:

Developer Name: Avid Technology Inc
Team ID: 4UYUA773XD

Kernel extensions to approve:

Display Name	Bundle Identifier
AvidNEXIS	com.avid.filesystems.AvidNEXIS
AvidUnityISIS	com.avid.filesystems.AvidUnityISIS

(Optional: Only approve specific bundles as needed.)

Deployment Steps

Deploy the AVID NEXIS client installer PKG using Jamf or your preferred tool.
Run a license/configuration copy script, if required.
Reboot the machine with kext cache rebuild (no delay).

KEXT Local Path

Identifier: com.avid.filesystems.AvidUnityISIS
Path: /Library/Extensions/AvidUnityISIS.kext

Page 1 / 1

Great job on this! I fight constantly with our communications department and configuring Nexis every year!! uggh. But I just built this config profile and when it tries to install it says :

So not 100% sure where to go next.... I did unscope all other nexis Cps before scoping this one.

Thoughts or help welcomed...

-Todd

Great job on this! I fight constantly with our communications department and configuring Nexis every year!! uggh. But I just built this config profile and when it tries to install it says :

So not 100% sure where to go next.... I did unscope all other nexis Cps before scoping this one.

Thoughts or help welcomed...

-Todd

Solved it, I copied the formatting, it didn't like the white space... it deployed.

Hi there. I’m in the same situation. I have the PPPC and KEXT set up, but we’re still seeing the need to manually approve the system extensions in Privacy & Security. However, the KEXT i have does not have com.avid.filesystems.AvidFOS. The screenshot with that and the following text are confusing. Are the 2 in the table the optional ones? As I only have those two in the KEXT.

Would the addition of the FOS remove the manual approval?

Any info would be appreciated since I have had to manually approve 60+ computers… 😅 Thank you!

Hi there. I’m in the same situation. I have the PPPC and KEXT set up, but we’re still seeing the need to manually approve the system extensions in Privacy & Security. However, the KEXT i have does not have com.avid.filesystems.AvidFOS. The screenshot with that and the following text are confusing. Are the 2 in the table the optional ones? As I only have those two in the KEXT.

Would the addition of the FOS remove the manual approval?

Any info would be appreciated since I have had to manually approve 60+ computers… 😅 Thank you!

In addition, are the KEXT and PPPC profiles supposed to be combined or separate?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded