We discover that the State assessment app on Mojave does not have the checkbox to allow the Microphone in Security > Privacy > Microphone.
I believe that the setting is managed by PPPC. When I set the Privacy Preferences Policy Control setting, I can only set Deny for the Microphone.
How do you enable the checkbox for a particular app in Security > Privacy > Microphone? Is this setting managed by the PPPC setting?
Thank you in advance for any advice.
I total get why "Allow" settings for Camera and Microphone is not an option. But has anyone figure out a way to allow a user to give apps access to enable these settings without needing to have access to the pane?
We have the "Security and Privacy" pane locked down and need to find a way to allow apps to Allow Camera and Microphone without having to enter that pane. Maybe system message that the user can click on and it enable the settings for them?
Any one attempted this yet?
@hugedash If an app is requesting mic or camera access, the user will get a consent pop-up. The user can be a standard account to accept those prompts (there are exceptions if the privacy prompt is for accessibility or full disk access).
If you're running into a situation where the user accidentally clicked "Don't Allow" or the pop-up timed out and the user can't get the app approved, then your next route would be offering something in self service.
#!/bin/sh # resets the TCC camera approval database tccutil reset Camera # resets the TCC microphone approval database tccutil reset Microphone
Note: the apps requesting approval and System Preferences need to be quit for this to work. So if Slack needs to be reset, and Slack is open, then the camera/mic approval window still won't show.
I know this thread is a bit old, but needing to get TestNav (education testing tool) to allow the microphone for all users (students are not admins), similar to what @tnielsen is describing. Last spring this wasn't an issue for us as we were not running Mojave. PPPC tool still only has the "deny" option. I see the script above from @sshort, did you just keep this in SS and point users back to SS? High school kiddos are not always the most corporative and will continue to click "don't allow" to avoid testing. As management, we try to eliminate as many of these roadblocks as possible.
Thanks for any feedback!
@swallace, Larry is correct. You can no longer programmatically enable an application to use the microphone. This is a privacy concern with Apple.
However, the microphone does not require admin privileges to enable it after the prompt has been denied. This is a per user choice not a system-wide choice. Choose Microphone under the Privacy tab in the Security & Privacy pane and the current user can enable the testing application without unlocking the pane.
You can enable microphone and camera programmatically by manually editing the TCC.db. I can't figure out how to do this for Screen Recording using this method (I think this is managed by the /Library level TCC.db but that is SIP protected), but this method works fine for Mic and Camera.
Enable Microphone in Skype For Business for the currently logged in user -
#!/bin/sh #get username user=`stat -f "%Su" /dev/console` sqlite3 /Users/$user/Library/Application Support/com.apple.TCC/TCC.db -cmd "INSERT or REPLACE INTO access VALUES('kTCCServiceMicrophone','com.microsoft.SkypeForBusiness',0,1,1,NULL,NULL,NULL,'UNUSED',NULL,0,1541440109);" ".exit"
Enable Camera in Teams for the currently logged in user -
#!/bin/sh #get username user=`stat -f "%Su" /dev/console` sqlite3 /Users/$user/Library/Application Support/com.apple.TCC/TCC.db -cmd "INSERT or REPLACE INTO access VALUES('kTCCServiceCamera','com.microsoft.teams',0,1,1,NULL,NULL,NULL,'UNUSED',NULL,0,1541440109);" ".exit"
Nevermind I understand now. That is the actual command "INSERT INTO access VALUES" or "REPLACE INTO access VALUES". I am trying to sudo to just view the database using this command
"sqlite3 ~/Library/Application Support/com.apple.TCC/TCC.db" and getting read-only database error. I can't even run "sudo ls -la" to view the permissions.
Hi @hkabik , thank you for the Skype for Business command to enable Skype for Business microphone for the current user. This worked during Mojave and Catalina. Now in Big Sur, I get the following error:
'Error: table has 13 columns but 12 values were supplied'
I tried to view the schema of the table called 'access' (e.g. sqlite> .schema access'), but I could not figure out where the change is. After a few trials and errors, I found it.
So for Big Sur to enable Skype for Business's microphone, the updated command is:
#!/bin/sh #get username user=`stat -f "%Su" /dev/console` sqlite3 /Users/$user/Library/Application Support/com.apple.TCC/TCC.db -cmd "INSERT or REPLACE INTO access VALUES('kTCCServiceMicrophone','com.microsoft.SkypeForBusiness',0,1,1,0,NULL,NULL,NULL,'UNUSED',NULL,0,1541440109);" ".exit"
So I finally got around to trying this. I'm not familiar with SQL at all but i downloaded DB Browser for SQLite and found the entry for what I was trying to automate and just filled out the fields in order to match. I replaced BLOB (a long Binary section of code) with NULL and it worked for me!