macOS 10.14 "Terminal" would like to administer your computer.

DirkM2012
Contributor

Some of my scripts are failing during enrollment and scheduled check-in. Running the policy from Terminal shows "Terminal" would like to administer your computer. Pressing OK allows the script to run ok on demand and in the future.

Not all script are effected, I have noticed this first with a script that creates/deletes a local admin account and tries to reset its password.

If there is no scripted way to allow "Terminal" to do what it is told to do, is there an option to display this message when a script is run via policy during enrollment or scheduled check-in?

4 REPLIES 4

sullrich
New Contributor III

This profile from Carl might be of help to you. https://github.com/carlashley/tccprofile/blob/master/generated_profiles/Terminal_Whitelist.mobileconfig

cbrewer
Valued Contributor II

DirkM2012
Contributor

I'm still running 10.7.0 but I guess I will update soon to see if that helps resolving the issue.

DirkM2012
Contributor

Updating to 10.7.1 resolved the issue with scripts not being able to create a local user and reset its password.

I have still the issue that Terminal needs to be added to Privacy / Automation to allow it to control Finder. I read https://www.jamf.com/jamf-nation/articles/553/preparing-your-organization-for-user-data-protections-on-macos-10-14 but I'm still confused on how to achieve this.

Ideally I would like to allow this during enrollment only and turn it back off once all my settings have been applied. Is this even possible?