So I am doing a POC using the SAP privileges app and the @rtrouton mastery, as defined by the flow here, which allows for the extending of privileges for a given user:
https://github.com/ChrOst/PrivilegesHelper
I'm (perhaps unsurprisingly) running into PPPC issues. The final piece of the puzzle relies on a Jamf policy called by a script which is checking the timing of the admin privileges. In other words, if the user has exceeded the time limit, a call is made to Jamf (via custom event) to run a script asking if you need more time or should be demoted to standard user (and BTW using Jamf because "demoting locally without use of jamfPro would require you to sign the script AND there are no auditable logs")
But I can not get the pop-up box asking the question about a possible extension to show up. This is an osascript piece built into the script run by the jamf policy. I have tried creating a PPPC config profile allowing Finder access by Jamf, osascript and terminal, and none of them seem to work... Of course allowing it manually (when prompted initially by the Mac GUI) works great, but I'd like to avoid this for the end user and have it all be seamless.
I realize I said PPPC and seamless in the same post, forgive me.
Has anybody dealt with this? Am I missing something obvious here?
