Posted on 04-29-2020 12:33 AM
Hi all,
I am trying to use applescript to select a specific Configuration Profile (MDM Profile) but I am unable to do (can find it how to do this) The reason is for a little help script to have users click the 'Approve' button without looking for the setting.
Any help is appreciated
Posted on 04-29-2020 12:52 AM
I’m not sure if what you are attempting to do exactly is just get them to Profiles in System Preferences or if you’re trying to get them there but also select specifically the MDM profile as well. I use Jamf Helper to popup a message letting them know what is going on and when they click OK on the popup it takes them to Profiles but it wont preselect the MDM profile, since the CA certificate profile is first that will be preselected. Here is the shell script I use. Let me know if its of any help.
#!/bin/bash
consoleuser=`/bin/ls -la /dev/console | /usr/bin/cut -d " " -f 4`
sudo pkill -1 'System Preferences'
/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper -windowType utility -title "NameOfMyComapny" -description "Due to new Apple security features you will be required to approve a profile on the following window. You will only have to approve this profile once.
After clicking OK a window will popup, on this new window click on MDM Profile on the left pane, then click on the Approve button and you will be asked to confirm to Approve once more, click Approve to complete the process." -icon /private/tmp/companylogo.png -button1 "OK" && sudo -u $consoleuser open /System/Library/PreferencePanes/Profiles.prefPane && sleep 120
exit 0
Posted on 04-29-2020 01:42 AM
Thanks for the reply. I can open the system Preferences and even open Configuration Profiles. But I want to select the MDM Profile (yes my users are not that smart) That's the thing I want to accomplish. the user will only have to press the approve button there..
Posted on 04-29-2020 01:46 AM
I will dig into this later today in a virtual machine and see if there is any way to get this done. It’s very early here where I am. I will reply to you with my findings. The idea does sound interesting.
Posted on 10-08-2020 12:15 PM
@rblaas @arivera I'm in the same situation; curious to know if a solution was found. Thanks.
Posted on 10-08-2020 12:46 PM
As far as I’ve tried many things I haven’t found a way to do this unfortunately.
Posted on 10-08-2020 07:21 PM
Tried this?
https://jerbecause.wordpress.com/2018/02/18/remotely-approving-uamdm/
Posted on 10-08-2020 07:25 PM
Only one problem. This method will not work on Mojave and above.
Posted on 10-09-2020 11:15 AM
Technically it still works, but I think the manual effort to enable all the permissions isn't worth it.
Below is a quick video
https://streamable.com/3aaoc8
Posted on 10-09-2020 11:56 AM
I probably should’ve clarified and not assumed that if you are going to manually set up the issues you are going to run into because of PPPC on Mojave you might as well just click approve yourself.
Posted on 10-21-2020 06:29 AM
To clarify my question,
It is not about auto approving.. But display the MDM profile. (not just all profiles, but really select the mdm profile so the user can just click approve)
Posted on 10-21-2020 06:52 AM
@rblaas I do understand what you mean, I believe I tried many ways to do this before but never got to it. I get it that you are trying to make it as simple as possible for the users so that there is no excuse or confusion of where they need to go. Hopefully someone can chime in and provide some solution.
Posted on 10-21-2020 06:53 AM
@arivera thanks :) Although I kinda have given up hope :)
And it is not that bad because most computers are now under DEP .