+7I looked all over the internet, tried ChatGPT and can't find anything to allow a few websites to pop up windows. This is affecting our Intune Integration when Safari opens and it goes to login.microsoftonline.com and device.microsoftonline.com. It take 2-3 times before we can successfully get through the enrollment.
Does anyone know how to do this, I don't want to allow all pop-ups as I think that is dangerous. Apple isn't making this easy.
Best answer by DMH2000
I'll answer my own question here. There is an old script out there that uses a python command that doesn't work anymore. It needed to be changed to a simple scutil command line to find the logged on user.
#!/bin/sh
loggedInUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
echo $loggedInUser
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("device.login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values
("myworkday.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
+25@DMH2000 Unfortunately as you've discovered Apple provides very few configuration options for Safari. If you want to pre-configure web browser settings to provide a better experience for your users you should consider standardizing on a different browser such as Mozilla Firefox, Google Chrome, or Microsoft Edge which all offer significantly more options that can be managed.
+7Thanks @sdagley but Intune integrations needs Safari as other browsers fail right away. I figured it had to do with Apple's lack of options.
The reason yiou need Safari is from another thread: Users must have Safari set as the default browser because jamfAAD calls MSAL (https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-overview) to do the auth. And then MSAL calls Safari via the ASWebAuth framework (https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession) and that is using Safari.
+7I'll answer my own question here. There is an old script out there that uses a python command that doesn't work anymore. It needed to be changed to a simple scutil command line to find the logged on user.
#!/bin/sh
loggedInUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
echo $loggedInUser
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("device.login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values
("myworkday.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
+7
I removed the Workday.com item... but you can see the script populated the Pop-Up Windows items.
+25I'll answer my own question here. There is an old script out there that uses a python command that doesn't work anymore. It needed to be changed to a simple scutil command line to find the logged on user.
#!/bin/sh
loggedInUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
echo $loggedInUser
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("device.login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values
("myworkday.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
@DMH2000 Good find. Now to see how long before Apple breaks/fixes the ability to do that. :-(
I'll answer my own question here. There is an old script out there that uses a python command that doesn't work anymore. It needed to be changed to a simple scutil command line to find the logged on user.
#!/bin/sh
loggedInUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
echo $loggedInUser
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("device.login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values
("myworkday.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
Im getting a authorization denied message when trying to run the script, testing line by line the name is being gotten correctly, but sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("temple.edu","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db is not working. This is on a freshly cleared m1 mini on Sonoma but I ran it manually on my 27ich pro on Ventura and had same error.
+7Im getting a authorization denied message when trying to run the script, testing line by line the name is being gotten correctly, but sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("temple.edu","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db is not working. This is on a freshly cleared m1 mini on Sonoma but I ran it manually on my 27ich pro on Ventura and had same error.
@jharm I ran it manually as a script such as 'sudo sh safari.sh'. Maybe try that
+7Im getting a authorization denied message when trying to run the script, testing line by line the name is being gotten correctly, but sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("temple.edu","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db is not working. This is on a freshly cleared m1 mini on Sonoma but I ran it manually on my 27ich pro on Ventura and had same error.
Yeah I get that and also PerSitePreferences.db not exists. I think I'l give up now.
+12I just used this solution today, @DMH2000. Happy to see it still works!
We had a request to do the same thing with Firefox and Chrome for an internal site. Chrome seems to require Chrome Cloud configuration, but it looks like Firefox can be configured the same way with a "defaults write" command. My teammate who does most of our scripting is stoked to expand this into an extensible script with parameters.
+3I'll answer my own question here. There is an old script out there that uses a python command that doesn't work anymore. It needed to be changed to a simple scutil command line to find the logged on user.
#!/bin/sh
loggedInUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
echo $loggedInUser
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("device.login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values ("login.microsoftonline.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
sudo -u $loggedInUser echo 'insert into preference_values (domain,preference,preference_value) values
("myworkday.com","PerSitePreferencesPopUpWindow",2)'|sqlite3 /Users/$loggedInUser/Library/Safari/PerSitePreferences.db
Would this work on an iPad too or just a Macbook?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
