@hkabik I wonder if I can capture the setting in Composer after installing the software

No, I don't think that will work either. It's stored in a sqlite database, not a regular plist file or other simple setting first off. Second, the location where it lives is protected by SIP if I'm not mistaken, which is the main problem and why it can't be changed. So, sadly, managing this programmatically is no longer an option.

Hello World, SO, this means that this feature is NO longer modifiable even via JAMF? Anyone know if some genius out there is working on a solution?

Ciao

DITTO! As always, our end users ignore the prompt (smartboard in our case), which means we have to go in after the fact, and it's causing some pain..

You'd have to update to Mojave to pre-approve this with a PPPC profile

Would deploying a TCC/PPPCP configuration profile through Jamf work if you set the targeted app (such as TeamViewer.app) to "Allow" on the Security -> Accessibility TCC setting? I know you can't use a remote app or script to manage it anymore.

BUMP! Where we at?! We've lost the ability to control systems via TeamViewer for Mojave users who do not have local admin rights...

@kevin.v its eluded to above but if your machines are 10.14.x then you can fix this by uploading a custom configuration policy.
Found this persons repository very helpful: (i think it might be @sshort 's)
LINK

@ben.mcneil it me 😀

Bump. Our school updates to the latest operating system - the summer following the release; so we are stuck with High Sierra - and need to approve Google Drive File Stream for students.

Bump

I am trying to figure this out, too. I had a profile working that I created in PPPC however it stopped working and I'm not sure why.

Any new information on this?

Bump
Still working on this - too. Need to open the System Preferences Panel - Security & Privacy - Privacy.

But not the other panels there (General, FileVault, Firewall).

There is a BLOCKED KERNEL in JamfNation.com - not sure if this is the "lead" or if it is going in another direction.

This may be a silly question

If the admin credentials are known, is there not a way of releasing a script that inputs the admin user/password in and then enables the Accessibility control and then locks it again?

This is sounding a bit advanced for Bash but maybe python or applescript?

@callum.baird82 Any action that simulates clicks requires Accessibility permissions. Doesn't make sense to create a script that needs admin approval/PPPC whitelisting for accessibility... that in turn gives admin approval/PPPC whitelisting for accessibility to another app.

Bump

Use this to create a config profile that allows your app - https://github.com/jamf/PPPC-Utility/releases

And see this recent video which is highly detailed on the topic of PPPC - https://youtu.be/Po_h3KdgYmw

@gmusland If the Macs are on High Sierra, then none of these PPPC approval profiles apply to your org's situation. Anything that is giving you an accessibility pop-up would have to be approved manually by the user in High Sierra (or earlier).

Not sure what you mean here:

There is a BLOCKED KERNEL in JamfNation.com - not sure if this is the "lead" or if it is going in another direction.

Any way around getting Prey requesting permission to use the camera?

After using the PPPC utility and allowing a bunch of access. The app I want to approve shows in the Privacy->Accessibility pane but does not show a checkmark next to it. How do I get it to "enable" or put a check there?

@kricotta The check mark won't show if you allowed it via the PPPC utility. It's a "feature".

I used https://github.com/jamf/PPPC-Utility/releases . to add Animate, Photoshop and Maya 2018. Unfortunately, the confguration profile did not change a thing.

What am I doing wrong?

JAMF Pro 10.12.0-t1555503901

Mojave 10.14.6

This seemed like a very simple process. Apparently I am missing something.

Was informed the changes will not show in the GUI. Which I find ridiculous.

I would like to bump this as it was the best solution I found with the current WFH craze and people using Zoom for Remote Control support.
I followed the link from @corey.coles https://github.com/jamf/PPPC-Utility/releases, used this utility to add the Zoom application and Allow Accessibility. Once this was distributed via Jamf Pro, as stated, the box was not checked, but I was able to remote control another device without them needing to allow the accessibility.

I think we can all agree that Apple has made a mess of managing this.

From day one they have had deaf ears to the simplest of solutions - separate Security and Privacy into separate prefpanes. It’s only gotten worse from there.

It’s honestly one of the reasons we have been advocating in my organization to migrate off Macs to Windows. There are so many things I as an administrator cannot manage on my Macs in my enterprise, and any successful workarounds, hacks, scripts et centers that we depend upon may stop working with the next update. It’s terribly frustrating that it has become harder to manage Apple devices at the same time that managing Windows and Chromebooks has become so much simpler.

The fact that Apple doesn’t even provide tools for this shows how little they care about the enterprise environment. In a way I cannot wait for Apple to ship ARM-based Macs as that will certainly kill off their value proposition for many enterprises.

I cannot believe THIS is how I have to manage user settings on macOS! PPPC shouldn’t even be a thing. Sigh.

It's not so bad when you can manage it via a Config Profile (yes it's more work but it's manageable) - the real bugbear is that you can only half manage it.
eg: Zoom we can deploy a config profile to enable Zoom in the Accessibility pane so that we can remotely control a device (and not give the end user admin rights to enable that function) however as soon as they want to share screen they are prompted to open System Preferences and check the box next to 'allow screen recording' (which doesn't require admin rights) as we can't add that entry to the config profile!
Same with Microsoft Teams.
Then you get on to video editing... Camtasia - do you want to allow access to Microphone? Yes. Webcam? Yes. Screen Recording? Yes. Files and Folders? Yes. Network Drive? Yes. Out of all that there's only 1 option we can control with a config profile.
Then there's the Notifications....

I'm in the process of deploying VNC Server to 77 iMacs so we can have half or more of the class remote in from their iPad.

VNC Server Needs Accessibility Checked to function. Cannot be done by a Standard User.
I've tried doing it with PPPC Utility - Does anyone have the Code Requirement.

I get the security risks with being able to invoke Screen Sharing/KVM access remotely but these are DEP configured Macs why is this 'feature' still broken?

If there isn't a fix for this I'm going to have to do it manually on each device using ARD or similar.

Having this issue for all of my Macs using TeamViewer. Need a resolution. I have ensured they have the proper profiles and other settings. It would appear that a month ago, we suddenly lost the ability for remote capability. Has there been any traction?