PPPC for Wacom drivers (again)

thebrucecarter
Contributor II

Greetings all,

 
We're getting our Fall builds ready, and again I am facing the issue of automating the software installation for the Wacom tablets in our Industrial Design (17 Cintiq 27" panels) and Multimedia (10 Wacom 12" LCD tablets) labs.  I'd really like to not have to walk around to each one of these to individually allow the permissions they need (which is Wacom Technical Support's position).
 
Does anyone have, or know of, a way to automate this, particularly in Jamf Pro, but I'll take anything.  We are running Big Sur on a variety of Mac types, but no M1's have Wacoms hooked to them yet.  There were a variety of suggestions in Jamf Nation last year, but most of them were for Mojave and we were unable to get them to work successfully in Catalina.
 
Thanks in advance for any suggestions.
1 ACCEPTED SOLUTION

snowfox
Contributor III

Hi, I'm working on this for macOS 11.5.2 in our labs.  We have M1's arriving this year.

What Wacom support didn't tell you is that now under macOS 11, PPPC Input Monitoring now supports 'Allow standard users to approve access'.  Selecting this option (in the Jamf PPPC Utility) will add the Wacomtabletdriver.app and Firmwareupdate.app to the Input Monitoring section of Security & Privacy.  It will also stop the annoying prompt to add the driver from being displayed on every login or every 15 seconds.  If your lab users don't have admin rights, they can tick the driver in 'Security & Privacy / Input Monitoring' without being prompted for an Admin username & password.  The tablet should still work without ticking 'input monitoring from the keyboard', that was my observation last year using the Intuos4 tablet.  But students will be able to tick it if they so wish.  And once one does, it will be ticked for all users of the device.

I'm using the latest version of the PPPC Utility 1.4.0 to create the mobileconfig file.  There's a bug in Jamf Pro that when you upload the file, it sets every Authorise setting to - Allow standard users to Approve Access - instead of just - 'Allow'.  This will result in a failed profile deployment / install.  You have to manually set all the settings back to 'Allow' in Jamf Pro before saving and deploying the file.  Keep the input monitoring setting as 'Allow standard users to Approve Access'.  This is as far as I have gotten.  I haven't worked on getting the Wacom Desktop Center app from auto starting but I have gotten rid of that annoying driver popup and all the launch agents/daemons are still in place.

(Also don't quote me on this but Kext approval shouldn't be required under macOS 11 if the software has been updated by the vendor.  Legacy kexts are dead.  System Extensions, Security Extensions and Network Extensions seem to be the new thing.)

Below is the mobile config file I'm testing for this year.

The new key under macOS 11 is:

<key>Authorization</key>	
			
<string>AllowStandardUserToSetSystemService</string>

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDescription</key>
			<string>Lab - PPPC - Wacom Tablet</string>
			<key>PayloadDisplayName</key>
			<string>Lab - PPPC - Wacom Tablet</string>
			<key>PayloadIdentifier</key>
			<string>2D95B8C9-11CE-40DD-B963-31861565BB3D</string>
			<key>PayloadOrganization</key>
			<string>MYORGANISATION</string>
			<key>PayloadType</key>
			<string>com.apple.TCC.configuration-profile-policy</string>
			<key>PayloadUUID</key>
			<string>58067702-CFCD-429E-B18F-E8AED10403FD</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systempreferences" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systempreferences</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systempreferences" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systempreferences</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>ListenEvent</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>AllowStandardUserToSetSystemService</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>AllowStandardUserToSetSystemService</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Lab - PPPC - Wacom Tablet</string>
	<key>PayloadDisplayName</key>
	<string>Lab - PPPC - Wacom Tablet</string>
	<key>PayloadIdentifier</key>
	<string>2D95B8C9-11CE-40DD-B963-31861565BB3D</string>
	<key>PayloadOrganization</key>
	<string>MYORGANISATION</string>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>527DC8AA-29FA-4DBC-856C-3BCD75EC8B19</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

 

View solution in original post

20 REPLIES 20

Green_Giant
New Contributor II

I'm revisiting this as well it seems like in Big Sur you need to allow input monitoring and PPPC doesn't let you set that permission. Have you tried bundling this with composer? 

thebrucecarter
Contributor II

No, we've only tried using the Wacom installer.  Wacom itself has been absolutely no help, replying only that they "do not support this feature" (whatever that means).

JasonAtCSUMB
Contributor

I am also working on dealing with Wacom. Our labs are all 10.15 Catalina. Here's my PPPC config profile so far. I haven't had the chance to fully test this with the hardware, so I may be missing something.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDescription</key>
			<string></string>
			<key>PayloadDisplayName</key>
			<string>Privacy Preferences Policy Control</string>
			<key>PayloadEnabled</key>
			<true/>
			<key>PayloadIdentifier</key>
			<string>63542C50-E717-4B59-9383-0B41A3826D8E</string>
			<key>PayloadOrganization</key>
			<string>California State University - Monterey Bay</string>
			<key>PayloadType</key>
			<string>com.apple.TCC.configuration-profile-policy</string>
			<key>PayloadUUID</key>
			<string>63542C50-E717-4B59-9383-0B41A3826D8E</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Privacy Preferences Policy Control (transparency, consent and control) to allow Wacom tablet software to function properly.</string>
	<key>PayloadDisplayName</key>
	<string>Wacom PPPC</string>
	<key>PayloadEnabled</key>
	<true/>
	<key>PayloadIdentifier</key>
	<string>20B8AA04-0007-4654-907D-5B9792A0B71D</string>
	<key>PayloadOrganization</key>
	<string>California State University - Monterey Bay</string>
	<key>PayloadRemovalDisallowed</key>
	<true/>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>com.apple.TCC.configuration-profile-policy</string>
	<key>PayloadUUID</key>
	<string>20B8AA04-0007-4654-907D-5B9792A0B71D</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

  

JasonAtCSUMB
Contributor

I am also working on dealing with Wacom. Our labs are all 10.15 Catalina. Here's my PPPC config profile so far. I haven't had the chance to fully test this with the hardware, so I may be missing something.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDescription</key>
			<string></string>
			<key>PayloadDisplayName</key>
			<string>Privacy Preferences Policy Control</string>
			<key>PayloadEnabled</key>
			<true/>
			<key>PayloadIdentifier</key>
			<string>63542C50-E717-4B59-9383-0B41A3826D8E</string>
			<key>PayloadOrganization</key>
			<string>California State University - Monterey Bay</string>
			<key>PayloadType</key>
			<string>com.apple.TCC.configuration-profile-policy</string>
			<key>PayloadUUID</key>
			<string>63542C50-E717-4B59-9383-0B41A3826D8E</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Privacy Preferences Policy Control (transparency, consent and control) to allow Wacom tablet software to function properly.</string>
	<key>PayloadDisplayName</key>
	<string>Wacom PPPC</string>
	<key>PayloadEnabled</key>
	<true/>
	<key>PayloadIdentifier</key>
	<string>20B8AA04-0007-4654-907D-5B9792A0B71D</string>
	<key>PayloadOrganization</key>
	<string>California State University - Monterey Bay</string>
	<key>PayloadRemovalDisallowed</key>
	<true/>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>com.apple.TCC.configuration-profile-policy</string>
	<key>PayloadUUID</key>
	<string>20B8AA04-0007-4654-907D-5B9792A0B71D</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

 

JasonAtCSUMB
Contributor

I am also working on dealing with Wacom. Our labs are all 10.15 Catalina. Here's my PPPC config profile so far. I haven't had the chance to fully test this with the hardware, so I may be missing something.

 

			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systemevents" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systemevents</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>1</integer>
					</dict>
				</array>
			</dict>

 

JasonAtCSUMB
Contributor
I am also working on dealing with Wacom. Our labs are all 10.15 Catalina. Here's my PPPC config profile so far. I haven't had the chance to fully test this with the hardware, so I may be missing something.
 

Also Approved Kernel extensions:
Display Name:
Wacom Technology Corp.
Team ID:
EG27766DY7

For Big Sur, I think you'll have to include kernel extension bundle IDs. I don't have that info, but I usually go to the community list here:
https://docs.google.com/spreadsheets/d/1IWrbE8xiau4rU2mtXYji9vSPWDqb56luh0OhD5XS0AM/edit?usp=sharing

 

snowfox
Contributor III

Hi, I'm working on this for macOS 11.5.2 in our labs.  We have M1's arriving this year.

What Wacom support didn't tell you is that now under macOS 11, PPPC Input Monitoring now supports 'Allow standard users to approve access'.  Selecting this option (in the Jamf PPPC Utility) will add the Wacomtabletdriver.app and Firmwareupdate.app to the Input Monitoring section of Security & Privacy.  It will also stop the annoying prompt to add the driver from being displayed on every login or every 15 seconds.  If your lab users don't have admin rights, they can tick the driver in 'Security & Privacy / Input Monitoring' without being prompted for an Admin username & password.  The tablet should still work without ticking 'input monitoring from the keyboard', that was my observation last year using the Intuos4 tablet.  But students will be able to tick it if they so wish.  And once one does, it will be ticked for all users of the device.

I'm using the latest version of the PPPC Utility 1.4.0 to create the mobileconfig file.  There's a bug in Jamf Pro that when you upload the file, it sets every Authorise setting to - Allow standard users to Approve Access - instead of just - 'Allow'.  This will result in a failed profile deployment / install.  You have to manually set all the settings back to 'Allow' in Jamf Pro before saving and deploying the file.  Keep the input monitoring setting as 'Allow standard users to Approve Access'.  This is as far as I have gotten.  I haven't worked on getting the Wacom Desktop Center app from auto starting but I have gotten rid of that annoying driver popup and all the launch agents/daemons are still in place.

(Also don't quote me on this but Kext approval shouldn't be required under macOS 11 if the software has been updated by the vendor.  Legacy kexts are dead.  System Extensions, Security Extensions and Network Extensions seem to be the new thing.)

Below is the mobile config file I'm testing for this year.

The new key under macOS 11 is:

<key>Authorization</key>	
			
<string>AllowStandardUserToSetSystemService</string>

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDescription</key>
			<string>Lab - PPPC - Wacom Tablet</string>
			<key>PayloadDisplayName</key>
			<string>Lab - PPPC - Wacom Tablet</string>
			<key>PayloadIdentifier</key>
			<string>2D95B8C9-11CE-40DD-B963-31861565BB3D</string>
			<key>PayloadOrganization</key>
			<string>MYORGANISATION</string>
			<key>PayloadType</key>
			<string>com.apple.TCC.configuration-profile-policy</string>
			<key>PayloadUUID</key>
			<string>58067702-CFCD-429E-B18F-E8AED10403FD</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Services</key>
			<dict>
				<key>Accessibility</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>AppleEvents</key>
				<array>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systempreferences" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systempreferences</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>AEReceiverCodeRequirement</key>
						<string>identifier "com.apple.systempreferences" and anchor apple</string>
						<key>AEReceiverIdentifier</key>
						<string>com.apple.systempreferences</string>
						<key>AEReceiverIdentifierType</key>
						<string>bundleID</string>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>ListenEvent</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>AllowStandardUserToSetSystemService</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>AllowStandardUserToSetSystemService</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Desktop-Center" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Desktop-Center</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.Wacom-Display-Settings" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.Wacom-Display-Settings</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.RemoveWacomTablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.RemoveWacomTablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.FirmwareUpdater" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.FirmwareUpdater</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.TabletDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.TabletDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.wacomtablet" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.wacomtablet</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.WacomTouchDriver" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.WacomTouchDriver</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
					<dict>
						<key>Authorization</key>
						<string>Allow</string>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.wacom.IOManager" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = EG27766DY7)</string>
						<key>Comment</key>
						<string></string>
						<key>Identifier</key>
						<string>com.wacom.IOManager</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
					</dict>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Lab - PPPC - Wacom Tablet</string>
	<key>PayloadDisplayName</key>
	<string>Lab - PPPC - Wacom Tablet</string>
	<key>PayloadIdentifier</key>
	<string>2D95B8C9-11CE-40DD-B963-31861565BB3D</string>
	<key>PayloadOrganization</key>
	<string>MYORGANISATION</string>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>527DC8AA-29FA-4DBC-856C-3BCD75EC8B19</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

 

K_K_
New Contributor II

Thank you, that worked perfectly. 

snowfox
Contributor III

No problem,  since this post I have now gotten the Desktop Center suppressed by adding a few files to the default user template.  Post is here at the bottom of this thread:

https://community.jamf.com/t5/jamf-pro/how-to-disable-auto-launching-quot-wacom-desktop-center-quot-...

 

charleshf
New Contributor II

THANK YOU for posting that!  It worked perfectly for me -- no more crazy popups during the Wacom Tablet Driver installation.  FYI this was tested on Big Sur 11.5.2 using the Wacom Tablet Driver v6.3.44-1.  It will be installed on about 150 iMacs for our school district's CTE department.

 

A few questions if you don't mind:

  1. Where is com.wacomtablet.RemoveWacomTablet located on the machine?  I couldn't find it anywhere.
  2. Is there a way to copy/paste the configuration profile you put in the thread directly into PPPC Utility, or into JAMF?  I couldn't figure out how, so I had to manually add all the apps and permissions into PPPC Utility, save that and upload it to JAMF, and then manually add the com.wacomtablet.RemoveWacomTablet permissions after uploading.  Surely there is an easier way.

 

Thanks again.  HUGE help.

Hi,

1. com.wacomtabelt.RemoveWacomTablet is actually the 'Wacom Tablet Utility.app' in the Wacom folder.

The bundle ID is what the Jamf PPPC utility picks up from the info.plist buried inside the app.

2. Yes you can simply copy and paste the text.

Start at the top line

<?xml version="1.0" encoding="UTF-8"?>

hold down your left mouse button.  Scroll all the way down to

</plist>

with your mouse button still held down until you have the whole thing highlighted in blue.  Then right click on the blue last line and copy to clipboard.

Then open a new text file in a programmers text editor such as BBEdit or Sublime Text.  Right click, paste.

Save the text file and give it a file extension of .mobileconfig

Now you can import it into the Jamf PPPC Utility or you can upload the file to Jamf Pro.

Sometimes Jamf Pro requires .mobileconfig files to be formated in a certain way, if so, it will tell you when you try to upload the command line you need to use to reformat the file.

 

charleshf
New Contributor II

Then open a new text file in a programmers text editor such as BBEdit or Sublime Text.

Ah I bet that was my issue.  I copy/pasted straight into TextEdit, which saved it as an RTF, which I then renamed to a *.mobileconfig.  PPPC didn't like it when I tried to import that.  Good to know.

rcole
Contributor II

This worked for me as well. Thank you tremendously for sharing it.

donmontalvo
Esteemed Contributor III

 

-replyed to the wrong post-

wifichallenges
Contributor II

Hey so i drafted some instructions here for the mac newbs like me who all this stuff isn't second nature for.

 

1.) create the mobileconfig file as directed in the post above. I used apple configurator and imported the mobileconfig stuff as per snowfox solution post. Need a mac for this.

2.) in jamf, create a new configruation profile. Use the mobile config file to create the profile.

3.) under the "privacy preferences policy" item, go and change all the "access" entries to "ALLOW" (was previously "allow standard users to allow access"). This is apparently due to a bug. (two of the entries cannot be changed, so must be left as is)

4.) save this profile. To do the software install, we will need a policy as well.

5.) Download the latest wacom drivers. Next step you will need a mac again, cant do this on a PC.

6.) Transfer the DMG file to the mac. Open it. There should be a PKG file inside. That is teh file you want to upload to the packages area. Open settings and find the packages area. Create a new package. I would make the name of the package include the version number. Save the package and it uploads.

6.) open the policies area. Create a new policy to deploy the driver files.

7.) add the package under packages. Set to enabled, recurring checkin as the trigger, and to run once per computer. Or you can do self service.

8.) scope both the config profile and the policy to the correct computers and it seems to work.

mhuston
New Contributor

I contacted WACOM and they sent me an enterprise driver; It works great in my lab!
 +  no popups! 
 -  still need privileges to setup Apple input access, etc in settings..  That's an Apples security settings issue.

janthenat
New Contributor III

Please elaborate if you can... How did you contact WACOM for this, and how did you resolve input access settings?

I meant that to be in different thread:

Jamf Pro > How to disable auto launching "Wacom Desktop Cente...
https://community.jamf.com/t5/jamf-pro/how-to-disable-auto-launching-quot-wacom-desktop-center-quot-...

Some of it is also in the WACOM forum here...
https://support.wacom.com/hc/en-us/community/posts/25369629201943-OSX-How-to-prevent-Wacom-Center-et...

There is a new "WacomTablet_6.4.6-3_Enterprise.dmg" file that removes the "wacom desktop" and other annoying popups; but not the Apple Security settings..