PPPC/TCC Zoom meetings outlook plugin

jwojda
Valued Contributor II

I'm trying to wrap my head around PPPC /TCC, I started streaming the log when a popup came up for zOutlookPluginAgent, but it didn't show any new information in the logs after I clicked Allow other than an fseventsd entry and apple.sandboxd...

The only thing I can see in Privacy security preference pane is under Automation it's listed with a checkbox next to Microsoft Outlook

When I went into PPPC-Utility and dragged in the plugin agent in question, it lists the identifier "us.zoom.pluginagent" which I already have a PPPC for on the machine.

I guess my question is 1) does anybody have a premed PPPC for Zoom meetings and the Outlook Plugin they would be willing to share and 2) is there a way to look at the log (assuming it's the com.apple.TCC) and see specifically what this plugin is doing so I can fix my existing one?

1 ACCEPTED SOLUTION

Chris
Valued Contributor

Did you stream the logs as described here?
This should work for the Zoom Client and Outlook Plugin:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>PayloadDescription</key>
            <string>TCC - Zoom</string>
            <key>PayloadDisplayName</key>
            <string>TCC - Zoom</string>
            <key>PayloadIdentifier</key>
            <string>211FEF26-D91C-4D56-8B26-1432729148CB</string>
            <key>PayloadOrganization</key>
            <string>YourOrg</string>
            <key>PayloadType</key>
            <string>com.apple.TCC.configuration-profile-policy</string>
            <key>PayloadUUID</key>
            <string>D711A4CB-0257-4789-8DF5-2CAC7EB1E569</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>Services</key>
            <dict>
                <key>Accessibility</key>
                <array>
                    <dict>
                        <key>Allowed</key>
                        <true/>
                        <key>CodeRequirement</key>
                        <string>identifier "us.zoom.xos" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = BJ4HAAB9B3</string>
                        <key>Comment</key>
                        <string></string>
                        <key>Identifier</key>
                        <string>us.zoom.xos</string>
                        <key>IdentifierType</key>
                        <string>bundleID</string>
                    </dict>
                </array>
                <key>AppleEvents</key>
                <array>
                    <dict>
                        <key>AEReceiverCodeRequirement</key>
                        <string>identifier "com.microsoft.Outlook" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9</string>
                        <key>AEReceiverIdentifier</key>
                        <string>com.microsoft.Outlook</string>
                        <key>AEReceiverIdentifierType</key>
                        <string>bundleID</string>
                        <key>Allowed</key>
                        <true/>
                        <key>CodeRequirement</key>
                        <string>identifier "us.zoom.pluginagent" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = BJ4HAAB9B3</string>
                        <key>Comment</key>
                        <string></string>
                        <key>Identifier</key>
                        <string>us.zoom.pluginagent</string>
                        <key>IdentifierType</key>
                        <string>bundleID</string>
                    </dict>
                </array>
            </dict>
        </dict>
    </array>
    <key>PayloadDescription</key>
    <string>TCC - Zoom</string>
    <key>PayloadDisplayName</key>
    <string>TCC - Zoom</string>
    <key>PayloadIdentifier</key>
    <string>211FEF26-D91C-4D56-8B26-1432729148CB</string>
    <key>PayloadOrganization</key>
    <string>YourOrg</string>
    <key>PayloadType</key>
    <string>com.apple.TCC.configuration-profile-policy</string>
    <key>PayloadUUID</key>
    <string>04C92D6E-4152-4A7F-862F-CFC67A4CA3BD</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <key>payloadScope</key>
    <string>system</string>
</dict>
</plist>

View solution in original post

8 REPLIES 8

Chris
Valued Contributor

Did you stream the logs as described here?
This should work for the Zoom Client and Outlook Plugin:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>PayloadDescription</key>
            <string>TCC - Zoom</string>
            <key>PayloadDisplayName</key>
            <string>TCC - Zoom</string>
            <key>PayloadIdentifier</key>
            <string>211FEF26-D91C-4D56-8B26-1432729148CB</string>
            <key>PayloadOrganization</key>
            <string>YourOrg</string>
            <key>PayloadType</key>
            <string>com.apple.TCC.configuration-profile-policy</string>
            <key>PayloadUUID</key>
            <string>D711A4CB-0257-4789-8DF5-2CAC7EB1E569</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>Services</key>
            <dict>
                <key>Accessibility</key>
                <array>
                    <dict>
                        <key>Allowed</key>
                        <true/>
                        <key>CodeRequirement</key>
                        <string>identifier "us.zoom.xos" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = BJ4HAAB9B3</string>
                        <key>Comment</key>
                        <string></string>
                        <key>Identifier</key>
                        <string>us.zoom.xos</string>
                        <key>IdentifierType</key>
                        <string>bundleID</string>
                    </dict>
                </array>
                <key>AppleEvents</key>
                <array>
                    <dict>
                        <key>AEReceiverCodeRequirement</key>
                        <string>identifier "com.microsoft.Outlook" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9</string>
                        <key>AEReceiverIdentifier</key>
                        <string>com.microsoft.Outlook</string>
                        <key>AEReceiverIdentifierType</key>
                        <string>bundleID</string>
                        <key>Allowed</key>
                        <true/>
                        <key>CodeRequirement</key>
                        <string>identifier "us.zoom.pluginagent" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = BJ4HAAB9B3</string>
                        <key>Comment</key>
                        <string></string>
                        <key>Identifier</key>
                        <string>us.zoom.pluginagent</string>
                        <key>IdentifierType</key>
                        <string>bundleID</string>
                    </dict>
                </array>
            </dict>
        </dict>
    </array>
    <key>PayloadDescription</key>
    <string>TCC - Zoom</string>
    <key>PayloadDisplayName</key>
    <string>TCC - Zoom</string>
    <key>PayloadIdentifier</key>
    <string>211FEF26-D91C-4D56-8B26-1432729148CB</string>
    <key>PayloadOrganization</key>
    <string>YourOrg</string>
    <key>PayloadType</key>
    <string>com.apple.TCC.configuration-profile-policy</string>
    <key>PayloadUUID</key>
    <string>04C92D6E-4152-4A7F-862F-CFC67A4CA3BD</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <key>payloadScope</key>
    <string>system</string>
</dict>
</plist>

jwojda
Valued Contributor II

Yeah, I'm pretty sure that was the command I was using (I wiped the drive so I can't confirm, but looks like it). Weird. But thank you! The one you posted worked perfectly!

typtran1
New Contributor

@Chris Does this script install the Zoom app and the plugin for Outlook?

jwojda
Valued Contributor II

no, it's just the TCC/PPPC config, I just use Autopkg to download the apps and add to Jamf.

bigmikeey
New Contributor II

Hi Guys,

Which location does this Plist go?

@Chris

Chris
Valued Contributor

Hi @bigmikeey ,
it has to be deployed as a configuration profile through (user approved) MDM.

JeyT
New Contributor III

Hi Chris. Pardon my question, still learning this stuff, but I have been using the PPPC utility provide by JAMF and have had some mixed results. How do I use your script to push out a configuration profile for Zoom? Again was used to creating the profile in the utility and downloading it, then pushing it out from JAMF. How do I use your method. Appreciate any help. Thanks.

Cyberbof
New Contributor II

Hello Chris,
this link is broken :
Did you stream the logs as described here?