Question about creating PPPC profile for full disk access

Question

Hello all,I created a PPPC config profile to grant OneDrive full disk access.  Jamf Pro says the config profile is successfully installed on my test Mac, but when I check Privacy & Security → Full Disk Access it shows that OneDrive does not have full disk access.  Is it normal for this change not to reflect in settings or am I missing something/doing something wrong?  For clarification I have made the config profile directly in Jamf Pro and using the Jamf PPPC utility and uploading the config profile into Jamf Pro afterwards. Thanks!

naschenbrenner · Accepted Answer

When explicitly allowing Full Disk Access to an application you won’t see it reflected in System Settings. You can check that it’s working by enabling Full Disk Access for your terminal and then running the command:

sqlite3 /Library/Application\ Support/com.apple.TCC/TCC.db \
  'select client from access where auth_value and service = "kTCCServiceSystemPolicyAllFiles"'

This will list all app identifiers that have Full Disk Access. This command won't work if terminal doesn’t have Full Disk Access itself, so just keep that in mind.

DJJazzyJamf · Answer

When explicitly allowing Full Disk Access to an application you won’t see it reflected in System Settings. You can check that it’s working by enabling Full Disk Access for your terminal and then running the command:

sqlite3 /Library/Application\ Support/com.apple.TCC/TCC.db \
  'select client from access where auth_value and service = "kTCCServiceSystemPolicyAllFiles"'

This will list all app identifiers that have Full Disk Access. This command won't work if terminal doesn’t have Full Disk Access itself, so just keep that in mind.

This is exactly what I was looking for. Thanks!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded