Help

Mojave - 10.14 - TCC - Privacy Controls and Jamf

boberito
Valued Contributor

Posted on ‎09-28-2018 10:36 AM

What needs to be whitelisted? We’re on 10.7.1, so the jamf binary i know is taken care of I believe by being on that.

We have tons of scripts and extension attributes that run that are bash, python, and some that call osascript. Do we have to give full access to the bash and sh shell? That seems silly. But if we don’t will users get prompted anytime a policy runs or they run a policy from self service that uses a script?

Are these covered since they’re being ran by jamf?

Reply
3 REPLIES 3

boberito
Valued Contributor

Posted on ‎09-28-2018 12:55 PM

So ya gonna need to whitelist everything under the sun otherwise things will fail and users will get pestered unnecessarily.

Reply

Hugonaut
Valued Contributor II

Posted on ‎09-28-2018 03:10 PM

Gotta Love it! Only if Apple Provided First Party Solutions! Or gave root r/w access to the tcc.db sigh

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month
Reply