Mobileconfig creation file for VPN extension blocking

Hello all,

I need some help for a newbie. I've been tasked with deploying this:
<key>ExtensionSettings</key>
<dict>
<key>*</key>
<dict>
<key>blocked_permissions</key>
<array>
<string>"proxy", "vpnProvider"</string>
</array>
</dict>
</dict>

I was told that I need to save it as a .mobileconfig file and then deploy it.

My problem is that I have never had formal training and everything has been a trial and error process.

How would I create this and with what tool? The end goal is trying to block VPNs that the students use in the Chrome browser to circumvent our firewall.

This script is from iBoss and we've been told that it will block VPNs.

I'm also assuming that where it says "vpnProvider" I'd put the extensions lengthy ID number.

Any ideas? Thanks in advance for all the assistance.

Page 1 / 1

You're better off creating a whitelist of extensions and using the "*" wildcard to block everything else. Here is an example:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>ExtensionInstallForcelist</key>
            <array>
                <string>honjcnefekfnompampcpmcdadibmjhlk;https://clients2.google.com/service/update2/crx</string>
            </array>
        <key>ExtensionInstallWhitelist</key>
            <array>
                <string>aohghmighlieiainnegkcijnfilokake</string>
                <string>ghbmnnjooekpmoecnnnilnnbdlolhkhi</string>
                <string>felcaaldnbdncclmgdcncolpebgiejap</string>
                <string>aapocclcgogkmnckokdopfmhonfmgoek</string>
                <string>honjcnefekfnompampcpmcdadibmjhlk</string>
                <string>inoeonmfapjbbkmdafoankkfajkcphgd</string>
                <string>kbfnbcaeplbcioakkpcpgfkobkghlhen</string>
            </array>
        <key>ExtensionInstallBlacklist</key>
            <array>
                <string>*</string>
            </array>
    </dict>
</plist>

You'll want to use this utility to create a profile that you can upload to JAMF.

Thank you. I'll be honest though, I'm having no luck with that utility. Is it an actual app?

No, you have to use the terminal.

Ok. Bear with me on this.

I am not able to figure out what I do to create this and then push out. I've got Xcode but can't make heads or tails of it.

Would you be willing to create a step-by-step? I've been tasked with pushing this out and I am struggling greatly.

Thank you for your continued assistance.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded