Jamf Nation Community

llitz123 · ‎04-01-2020

Is there a way to monitor what apps have been added to PPPC and are active? I have not used the PPPC utility - our users were manually added to the Security & Privacy Preferences.
Thanks for any assistance,

shaquir · ‎04-01-2020

Hi @llitz123 ,
To view Approved PPPC preferences, you can use the following command:

/usr/bin/sqlite3 "/Library/Application Support/com.apple.TCC/TCC.db" 'SELECT service, client FROM access WHERE allowed = '1''

The output will look like:

kTCCServiceScreenCapture|com.microsoft.teams

To output apps that we NOT allowed you can change

allowed = '1' to allowed = '0'

Certain TCC preferences are housed in the logged in User's TCC database (Like Camera and Microphone Access). To view you can use:

loggedInUser=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }')
loggedInUser_home="$(/usr/bin/dscl /Local/Default read /Users/"$loggedInUser" NFSHomeDirectory | /usr/bin/awk '{print $2}')"
/usr/bin/sqlite3 "$loggedInUser_home/Library/Application Support/com.apple.TCC/TCC.db" 'SELECT service, client FROM access WHERE allowed = '1''

I recently posted my workflow to track user's selected Camera and Microphone Access in Teams here

llitz123 · ‎04-02-2020

Wow that's intense. I'll dig into it.
Thanks.

Jamf Nation Community

PPPC Monitoring