Jamf Prompting for access to Mail

jwbeatty
New Contributor II

Somewhere around macOS 10.15.5 or so several of my users began receiving a pop-up message from Jamf requesting access to Mail. If you make a selection from the prompt it does create an entry in Security & Privacy under Automation. I worked with an engineer at Jamf on the issue and they were not able to replicate it in their test environment or determine the cause in our environment. It seems to be connected to inventory collection and I can replicate the issue consistently
33719d858da24a2f95d66fa063393936
. Has anybody else seen this?
d787f8f160274489b52bf216291787a9

5 REPLIES 5

dlondon
Valued Contributor

I'm on 10.15.7 but haven't seen that entry for Jamf

da333909b1e44b3795198b5bd65e0355
But I think it might be covered by this Configuration Profile
6ec64a53881e4f60b867688d2159c3f9

dlondon
Valued Contributor

Is there something you do with Jamf for Mail? Maybe something in your setup or in Self Service?

jwbeatty
New Contributor II

We don't have anything tied to Mail in Self Service that I am aware of and we do distribute and install the PPP Control profile in our environment. It seems to be triggered by inventory collection. But what is weird is that it is not triggered when running jamf recon from Terminal. but any policy that includes an inventory update seems to trigger it. I assume that one of the many items that Terminal prompts for access to keeps it from being triggered. I may have to go back to Jamf support for this. Just thought I would check to see if anyone else was experiencing this before I open another ticket with them.

Jmw0039
New Contributor III

How was this solved? I am seeing the same issue with JAMF asking for permissions to Mail app and Outlook. It then creates an entry under Automation in Privacy tab of Security and Privacy.

--
Matthew Warren
College of Liberal Arts
Auburn University


jwbeatty
New Contributor II

Hi Matthew,

This is exactly what was happening to me. I figured out that it was happening during inventory collection. It turns out it was an extension attribute that was trying to collect the email address of the logged-in user from the Mail app and/or Outlook if they were installed and being used. The attribute was created when we started running Vision-Bot on our Jamf Pro instance. I disabled the extension attribute and the issue went away. Hope this helps!

 

--Josh