Skip to main content

Anyone know how to configure the Privacy Preferences Policy Control section in a Jamf Configuration Policy to whitelist dscl.exe running in Terminal?

Here's the TCC info for the prompt:
2019-09-06 15:20:14.901237-0500 0x82f1 Info 0x8ff0 7967 0 tccd: [com.apple.TCC:access] AttributionChain: RESP:{ID: com.apple.Terminal, PID[7976], auid: 501, euid: 501, responsible path: '/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal', binary path: '/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal'}, ACC:{ID: com.apple.dscl, PID[16480], auid: 501, euid: 0, binary path: '/usr/bin/dscl'}, REQ:{ID: com.apple.sandboxd, PID[123], auid: 0, euid: 0, binary path: '/usr/libexec/sandboxd'}

I guess if it's not listed somewhere to run it, give it an "OK", then look in the Security & Privacy pref pane to see what's added...

I still haven't figured this one out.
What I'm looking for is help determining what goes in each of the fields in the PPPC section of a config profile.
If the fields are these,

What parts of the TCC info from the prompt goes in the Identifier, Code Requirement, and App Or Service sections?
I'm trying different combinations and have went over tons of stuff about it online, but nothing has helped to get it right. I'm hoping someone in jamfnation has made a config from the tcc info and can help.

I know this is an old post and you've probably resolved your issue but in case you haven't...

I was having the same problem and worked with support to get this set up. Here is my working PPPC setting.

Terms & ConditionsCookie settingsAccessibility statement