@supersizeal you could use this downloadable app: https://github.com/jamf/PPPC-Utility. I picked this up from a different JamfNation post: https://www.jamf.com/jamf-nation/discussions/29996/pppc-and-every-app-known-to-it. Thanks goes to @SCADtom . Basically, you drag the webbed app into the program and it pulls all the correct information like identifier. Then, you can setup the permissions you want, and, can upload it directly into your JSS as a configuration profile. No need to manually create it.
I was able to download and use the PPPC utility and deployed to the computer and set Accessiblity option to Allow but it still is not working. I think this only works if the Cisco Webex software is installed and used on the client computer and I am using the web browser option.
( I think ).
I even opened a ticket with Cisco and the tech was not helpful.
@supersizeal I believe I have encountered the same issue, which as I understand it, user without admin can not modify security settings to allow remote control in a webex session by another webex participant. Using PPPC does not allow this setting to be enabled.
Does that match your situation ?
I have logged a ticket for this exact issue to Apple Support, who escalated to Engineering, who have acknowledged the issue and are investigating a fix. Feel free to log a ticket, as the more people that raise this issue, the more chance it will get suitable focus.
@supersizeal wow thats a big call, given their (Zooms) history with security (and other) issues. Great for consumer market, but business/education - interesting decision. I'm working within a relatively large corp/enterprise environment with massive security focus, so unfortunately that is not an option for us, at this stage anyway. So we must persist with CiscoWebex, as complex and often painful as it is. Hopefully Apple/Cisco will come up a workable solution soon.
The challenge I'm having is saving users from this dialog:
"WebExPluginAgent.app" wants access to control "Microsoft Outlook.app". Allowing control will provide access to documents and data in "Microsoft Outlook.app", and to perform actions within that app. This allows Cisco Webex Productivity TOols to integrate with Microsoft Outlook. [Don't Allow] [OK]
I generated a PPPC config profile giving all the webex things I could find with Address Book, Calendar and Apple Events for Outlook Allowed to no avail, when installing Webex 40 Outlook still prompts.
Try though I might I cannot find anything on my computer called WebExPluginAgent.app to add to this list which is what I assume the issue is, that the name must literally match. Update: I ran as a last resource and that did turn up the culprit, and now I have successfully tested a PPPC config profile with now: /Users/Shared/WebExPlugin/WebExPluginAgent.app allowing AppleEvents access to Microsoft Outlook.
FWIW for WebEx screenshare / remote control this is working for us - in Confir Profiles add a PPPC for com.webex.meetingmanager with Bundle ID identifier
"com.webex.meetingmanager" and anchor apple generic and certificate 1[field.1.2.840.1136220.127.116.11.6] / exists / and certificate leaf[field.1.2.840.113618.104.22.168.13] / exists / and certificate leaf[subject.OU] = DE8Y96K9QP
Then set the APP OR SERVICE to Accessibility and ACCESS to Allow.
I can confirm that using the method above works. Thanks for posting. When I used the PPPC app to generate the file from dropping in the Webex desktop app everything was correct except "com.webex.meetingmanager". For me it populated something similar but different. Once I updated that in Identifier and Code Requirement poof it worked.
@Sterritt Thanks for that post. I've been tearing my hair out to get remote control working and your solution - allowing all file access to "com.webex.meetingmanager" works!. Adding full disk access to either the /Applications/Cisco Webex Meetings.App or the /Users/Shared/WebExPlugin/WebExPluginAgent.app did not work. These translate to com.cisco.webexmeetingsapp and com.webex.pluginagent respectively. Can you advise what app or component the com.webex.meetingmanager relates to ?
I'm trying to create the PPPC profile mentioned above but when I save the Profile in Jamf it fails to deliver to any computers. I get the message "In the payload (UUID: 0...6), the key 'CodeRequirement' has an invalid value."
Can anyone confirm what needs to be entered there? I tried copying and pasting what @Sterritt mentioned above (along with "identifier " because that's what it looks like in the screenshot) and got that error. Although now I'm looking at the screenshot, there are additional characters around
exists as well that I can't make out (could be quotes or could be asterisks. Can anyone post the full bundle ID that needs to be there? I have:
identifier "com.webex.meetingmanager" and anchor apple generic and certificate 1[field.1.2.840.113622.214.171.124.6] / exists / and certificate leaf[field.1.2.840.1136126.96.36.199.13] / exists / and certificate leaf[subject.OU] = DE8Y96K9
Looked at another PPPC profile and saw they were asterisks. Entered those in and it delivered the profile. So the Bundle ID is (written as bracketed [asterisk]s since actual asterisks just make the text italic):
identifier "com.webex.meetingmanager" and anchor apple generic and certificate 1[field.1.2.840.1136188.8.131.52.6] /[asterisk] exists [asterisk]/ and certificate leaf[field.1.2.840.1136184.108.40.206.13] /[asterisk] exists [asterisk]/ and certificate leaf[subject.OU] = DE8Y96K9QP
I just checked mine and confirmed it was delivered to at least one Big Sur machine. Attached a screenshot of what the Code Requirement I included was (in case my comments weren't clear). Might be a little easier to read than previous screenshot since I clicked to edit it.
You can copy everything from the previous text, but make sure you're manually typing in the asterisks.