PPPC for Wacom drivers (again)

thebrucecarter
Contributor

Greetings all,

 
We're getting our Fall builds ready, and again I am facing the issue of automating the software installation for the Wacom tablets in our Industrial Design (17 Cintiq 27" panels) and Multimedia (10 Wacom 12" LCD tablets) labs.  I'd really like to not have to walk around to each one of these to individually allow the permissions they need (which is Wacom Technical Support's position).
 
Does anyone have, or know of, a way to automate this, particularly in Jamf Pro, but I'll take anything.  We are running Big Sur on a variety of Mac types, but no M1's have Wacoms hooked to them yet.  There were a variety of suggestions in Jamf Nation last year, but most of them were for Mojave and we were unable to get them to work successfully in Catalina.
 
Thanks in advance for any suggestions.
13 REPLIES 13

user-SnGuCuiWhN
New Contributor

I'm revisiting this as well it seems like in Big Sur you need to allow input monitoring and PPPC doesn't let you set that permission. Have you tried bundling this with composer? 

thebrucecarter
Contributor

No, we've only tried using the Wacom installer.  Wacom itself has been absolutely no help, replying only that they "do not support this feature" (whatever that means).

JasonAtCSUMB
New Contributor III

I am also working on dealing with Wacom. Our labs are all 10.15 Catalina. Here's my PPPC config profile so far. I haven't had the chance to fully test this with the hardware, so I may be missing something.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDescription</key>
			<string></string>
			<key>PayloadDisplayName</key>
			<string>Privacy Preferences Policy Control</string>
			<key>PayloadEnabled</key>
			<true/>
			<key>PayloadIdentifier</key>
			<string>63542C50-E717-4B59-9383-0B41A3826D8E</string>
			<key>PayloadOrganization</key>
			<string>California State University - Monterey Bay</string>
			<key>PayloadType</key>
			<string>com.apple.TCC.configuration-profile-policy</string>
			<key>PayloadUUID</key>
			<string>63542C50-E717-4B59-9383-0B41A3826D8E</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Privacy Preferences Policy Control (transparency, consent and control) to allow Wacom tablet software to function properly.</string>
	<key>PayloadDisplayName</key>
	<string>Wacom PPPC</string>
	<key>PayloadEnabled</key>
	<true/>
	<key>PayloadIdentifier</key>
	<string>20B8AA04-0007-4654-907D-5B9792A0B71D</string>
	<key>PayloadOrganization</key>
	<string>California State University - Monterey Bay</string>
	<key>PayloadRemovalDisallowed</key>
	<true/>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>com.apple.TCC.configuration-profile-policy</string>
	<key>PayloadUUID</key>
	<string>20B8AA04-0007-4654-907D-5B9792A0B71D</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

  

JasonAtCSUMB
New Contributor III

I am also working on dealing with Wacom. Our labs are all 10.15 Catalina. Here's my PPPC config profile so far. I haven't had the chance to fully test this with the hardware, so I may be missing something.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDescription</key>
			<string></string>
			<key>PayloadDisplayName</key>
			<string>Privacy Preferences Policy Control</string>
			<key>PayloadEnabled</key>
			<true/>
			<key>PayloadIdentifier</key>
			<string>63542C50-E717-4B59-9383-0B41A3826D8E</string>
			<key>PayloadOrganization</key>
			<string>California State University - Monterey Bay</string>
			<key>PayloadType</key>
			<string>com.apple.TCC.configuration-profile-policy</string>
			<key>PayloadUUID</key>
			<string>63542C50-E717-4B59-9383-0B41A3826D8E</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Privacy Preferences Policy Control (transparency, consent and control) to allow Wacom tablet software to function properly.</string>
	<key>PayloadDisplayName</key>
	<string>Wacom PPPC</string>
	<key>PayloadEnabled</key>
	<true/>
	<key>PayloadIdentifier</key>
	<string>20B8AA04-0007-4654-907D-5B9792A0B71D</string>
	<key>PayloadOrganization</key>
	<string>California State University - Monterey Bay</string>
	<key>PayloadRemovalDisallowed</key>
	<true/>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>com.apple.TCC.configuration-profile-policy</string>
	<key>PayloadUUID</key>
	<string>20B8AA04-0007-4654-907D-5B9792A0B71D</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

 

JasonAtCSUMB
New Contributor III

I am also working on dealing with Wacom. Our labs are all 10.15 Catalina. Here's my PPPC config profile so far. I haven't had the chance to fully test this with the hardware, so I may be missing something.

 

			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
			</dict>

 

JasonAtCSUMB
New Contributor III
I am also working on dealing with Wacom. Our labs are all 10.15 Catalina. Here's my PPPC config profile so far. I haven't had the chance to fully test this with the hardware, so I may be missing something.
 

Also Approved Kernel extensions:
Display Name:
Wacom Technology Corp.
Team ID:
EG27766DY7

For Big Sur, I think you'll have to include kernel extension bundle IDs. I don't have that info, but I usually go to the community list here:
https://docs.google.com/spreadsheets/d/1IWrbE8xiau4rU2mtXYji9vSPWDqb56luh0OhD5XS0AM/edit?usp=sharing

 

snowfox
Contributor II

Hi, I'm working on this for macOS 11.5.2 in our labs.  We have M1's arriving this year.

What Wacom support didn't tell you is that now under macOS 11, PPPC Input Monitoring now supports 'Allow standard users to approve access'.  Selecting this option (in the Jamf PPPC Utility) will add the Wacomtabletdriver.app and Firmwareupdate.app to the Input Monitoring section of Security & Privacy.  It will also stop the annoying prompt to add the driver from being displayed on every login or every 15 seconds.  If your lab users don't have admin rights, they can tick the driver in 'Security & Privacy / Input Monitoring' without being prompted for an Admin username & password.  The tablet should still work without ticking 'input monitoring from the keyboard', that was my observation last year using the Intuos4 tablet.  But students will be able to tick it if they so wish.  And once one does, it will be ticked for all users of the device.

I'm using the latest version of the PPPC Utility 1.4.0 to create the mobileconfig file.  There's a bug in Jamf Pro that when you upload the file, it sets every Authorise setting to - Allow standard users to Approve Access - instead of just - 'Allow'.  This will result in a failed profile deployment / install.  You have to manually set all the settings back to 'Allow' in Jamf Pro before saving and deploying the file.  Keep the input monitoring setting as 'Allow standard users to Approve Access'.  This is as far as I have gotten.  I haven't worked on getting the Wacom Desktop Center app from auto starting but I have gotten rid of that annoying driver popup and all the launch agents/daemons are still in place.

(Also don't quote me on this but Kext approval shouldn't be required under macOS 11 if the software has been updated by the vendor.  Legacy kexts are dead.  System Extensions, Security Extensions and Network Extensions seem to be the new thing.)

Below is the mobile config file I'm testing for this year.

The new key under macOS 11 is:

<key>Authorization</key>	
			
<string>AllowStandardUserToSetSystemService</string>

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDescription</key>
			<string>Lab - PPPC - Wacom Tablet</string>
			<key>PayloadDisplayName</key>
			<string>Lab - PPPC - Wacom Tablet</string>
			<key>PayloadIdentifier</key>
			<string>2D95B8C9-11CE-40DD-B963-31861565BB3D</string>
			<key>PayloadOrganization</key>
			<string>MYORGANISATION</string>
			<key>PayloadType</key>
			<string>com.apple.TCC.configuration-profile-policy</string>
			<key>PayloadUUID</key>
			<string>58067702-CFCD-429E-B18F-E8AED10403FD</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systempreferences" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systempreferences</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systempreferences" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systempreferences</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>ListenEvent</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>AllowStandardUserToSetSystemService</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>AllowStandardUserToSetSystemService</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Lab - PPPC - Wacom Tablet</string>
	<key>PayloadDisplayName</key>
	<string>Lab - PPPC - Wacom Tablet</string>
	<key>PayloadIdentifier</key>
	<string>2D95B8C9-11CE-40DD-B963-31861565BB3D</string>
	<key>PayloadOrganization</key>
	<string>MYORGANISATION</string>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>527DC8AA-29FA-4DBC-856C-3BCD75EC8B19</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

 

K_K_
New Contributor II

Thank you, that worked perfectly. 

snowfox
Contributor II

No problem,  since this post I have now gotten the Desktop Center suppressed by adding a few files to the default user template.  Post is here at the bottom of this thread:

https://community.jamf.com/t5/jamf-pro/how-to-disable-auto-launching-quot-wacom-desktop-center-quot-...

 

charleshf
New Contributor II

THANK YOU for posting that!  It worked perfectly for me -- no more crazy popups during the Wacom Tablet Driver installation.  FYI this was tested on Big Sur 11.5.2 using the Wacom Tablet Driver v6.3.44-1.  It will be installed on about 150 iMacs for our school district's CTE department.

 

A few questions if you don't mind:

  1. Where is com.wacomtablet.RemoveWacomTablet located on the machine?  I couldn't find it anywhere.
  2. Is there a way to copy/paste the configuration profile you put in the thread directly into PPPC Utility, or into JAMF?  I couldn't figure out how, so I had to manually add all the apps and permissions into PPPC Utility, save that and upload it to JAMF, and then manually add the com.wacomtablet.RemoveWacomTablet permissions after uploading.  Surely there is an easier way.

 

Thanks again.  HUGE help.

Hi,

1. com.wacomtabelt.RemoveWacomTablet is actually the 'Wacom Tablet Utility.app' in the Wacom folder.

The bundle ID is what the Jamf PPPC utility picks up from the info.plist buried inside the app.

2. Yes you can simply copy and paste the text.

Start at the top line

<?xml version="1.0" encoding="UTF-8"?>

hold down your left mouse button.  Scroll all the way down to

</plist>

with your mouse button still held down until you have the whole thing highlighted in blue.  Then right click on the blue last line and copy to clipboard.

Then open a new text file in a programmers text editor such as BBEdit or Sublime Text.  Right click, paste.

Save the text file and give it a file extension of .mobileconfig

Now you can import it into the Jamf PPPC Utility or you can upload the file to Jamf Pro.

Sometimes Jamf Pro requires .mobileconfig files to be formated in a certain way, if so, it will tell you when you try to upload the command line you need to use to reformat the file.

 

charleshf
New Contributor II

Then open a new text file in a programmers text editor such as BBEdit or Sublime Text.

Ah I bet that was my issue.  I copy/pasted straight into TextEdit, which saved it as an RTF, which I then renamed to a *.mobileconfig.  PPPC didn't like it when I tried to import that.  Good to know.