Mojave - 10.14 - TCC - Privacy Controls and Jamf

boberito
Valued Contributor

What needs to be whitelisted? We’re on 10.7.1, so the jamf binary i know is taken care of I believe by being on that.

We have tons of scripts and extension attributes that run that are bash, python, and some that call osascript. Do we have to give full access to the bash and sh shell? That seems silly. But if we don’t will users get prompted anytime a policy runs or they run a policy from self service that uses a script?

Are these covered since they’re being ran by jamf?

3 REPLIES 3

boberito
Valued Contributor

So ya gonna need to whitelist everything under the sun otherwise things will fail and users will get pestered unnecessarily.

Hugonaut
Valued Contributor II

Gotta Love it! Only if Apple Provided First Party Solutions! Or gave root r/w access to the tcc.db sigh

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month