I'm getting this message on 10.14 Macs even though the Privacy Preferences Policy Control profile is installed.
This is the config you're referring to correct? It should 100% work. Works for out Mojave machines
User Approved MDM? or DEP? - if User Approved is the MDM Approved? (Kind of a stupid question being Mojave, I know we're all using DEP but just making sure the profiles approved) - & you've looked through the console logs?
If that's approved, im out of ideas and if nobody else here has any input, I'd reach out to your Jamf Buddy / one of the engineers to troubleshoot, that really really really should not be happening haha
@allanp81 Getting back to this, it's during our main setup after enrollment/MDM, once Self Service gets installed. So, basically step 2 (with step 1 being enroll) - there are about two dozen apps and two dozen scripts that get applied and I think this is one of the scripts. Looking at the content of /Library/Application Support/JAMF/tmp it LOOKS like part of my logic to transfer SecureToken to a newly created local admin account where I'm setting the user's icon. Specifically this is the block of code JAMF is executing:
#$4=username $5=userpw $9=UID $path=/Library/User Pictures/Fun/Gingerbread Man.tif /usr/bin/dscl localhost -delete /Local/Default/Users/$4 /bin/sleep 5 /bin/rm -Rf /Users/$4 SETUPUSER=$(/usr/sbin/sysadminctl -addUser $4 -password $5 -admin -UID $9 -fullName "$4" -picture "$path" 2>&1)
In my book I'm going to chalk this up to an instance of Apple making Catalina (and likely Bug Sir) a little too much like Windows Vista.
I'm still plagued with this on the devices I can't use with ABM yet... there's a similarly dead-ended thread here:
I've tried everything including tearing my hair out to no avail. In my case a script called in a policy that's running sysadminctl to add a securetoken to a user seems to be generating this prompt; I've taken that standard JamfAppleEvents.mobileconfig and added sysadminctl with allowed accessibility, admin files, all files (since it specifically seems to hang on creating a new home folder for the user.) I deduced this from getting the contents of the policy output from /Application Support/JAMF/tmp/POLICY##.tmp and that was the next line that appeared AFTER I clicked OK.