PPPC Utility - How To Get It To Work?

user-SPFfGhLSOt
New Contributor

Hi,

I'm new to Jamf deployments. My understanding of PPPC is that it can be used to pre-configure access to be given to certain apps through a Configuration Profile.

I've downloaded the PPPC Utility from GitHub & tried to generate a config profile from there.

I need to enable Camera, Microphone, Accessibility & Screen Recording for Zoom:

  • Camera: '-' and 'Deny'
  • Microphone: '-' and 'Deny'
  • Accessibility: '-', 'Allow' and 'Deny'
  • Screen Capture: '-', 'Let Standard Users Approve', and 'Deny'

Is there a way to get these apps pre-approved? Thanks in advance!

4 REPLIES

snowfox
Contributor III

The short answer is no.
Apple has restricted Microphone and Webcam access so that an end user must approve a program's access to them locally on the machine. They cannot be pre-configured. It's an Apple MDM security restriction, not a Jamf issue. Any other MDM platform will have the same issue as they all use Apple's underlying MDM framework. If a security feature only has the option of 'Deny' then you can't pre-configure it for 'Allow'.

user-SPFfGhLSOt
New Contributor

Hi @snowfox , thanks for your help!

While we're unable to approve via MDM, is there a way to prevent those privacy prompts from showing up?

Thanks!

snowfox
Contributor III

Again unfortunately the answer is no.
This is expected behavior for the operating system.
The only thing you can do is allow it to accessibility and enable standard users to approve screen capture.
It doesn't matter what program you use, Skype for Business, Teams, Microsoft Remote Desktop, Other, they will all show security prompts for accessing the webcam and mic and screen recording etc.
To my knowledge these cannot be suppressed and are 'by design' in macOS. It now emulates a lot of the things that iOS does and Apple treats the desktop as a 'mobile device'.
Some of the security features (as above) are based around the user's privacy and not the administrator.
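
An added example, not part of the original posts and not output from the PPPC Utility: a Python sketch that builds the TCC payload a PPPC profile carries and rejects choices the thread says are unavailable, such as Camera set to Allow. The bundle ID, code requirement, `com.example` prefix and function names are constructed placeholders; `Authorization` is the macOS 11+ key.

```python
import plistlib
import uuid

# Authorization values a PPPC (TCC) payload accepts per service, matching the
# options listed in the thread. "Authorization" is the macOS 11+ key.
ALLOWED = {
    "Camera": {"Deny"},
    "Microphone": {"Deny"},
    "Accessibility": {"Allow", "Deny"},
    "ScreenCapture": {"Deny", "AllowStandardUserToSetSystemService"},
}

def build_services(bundle_id, code_requirement, choices):
    """Map {service: authorization} to the payload's Services dict, rejecting
    any value the service does not accept (e.g. Camera -> Allow)."""
    services = {}
    for service, authorization in choices.items():
        valid = ALLOWED.get(service)
        if valid is None:
            raise ValueError(f"service not covered by this example: {service}")
        if authorization not in valid:
            raise ValueError(f"{service} accepts only {sorted(valid)}, not {authorization!r}")
        services[service] = [{
            "Identifier": bundle_id,
            "IdentifierType": "bundleID",
            "CodeRequirement": code_requirement,
            "Authorization": authorization,
        }]
    return services

def build_profile(bundle_id, code_requirement, choices, org_prefix="com.example"):
    """Wrap the TCC payload in a configuration profile; return .mobileconfig bytes."""
    def envelope(payload_type, suffix, **extra):
        return {"PayloadType": payload_type, "PayloadVersion": 1,
                "PayloadIdentifier": f"{org_prefix}.{suffix}",
                "PayloadUUID": str(uuid.uuid4()).upper(), **extra}
    tcc = envelope("com.apple.TCC.configuration-profile-policy", "pppc.tcc",
                   Services=build_services(bundle_id, code_requirement, choices))
    profile = envelope("Configuration", "pppc", PayloadScope="System",
                       PayloadDisplayName="PPPC example", PayloadContent=[tcc])
    return plistlib.dumps(profile)

# Constructed sample values: take the real ones from `codesign -dr - <App>.app`.
BUNDLE_ID = "com.example.videoapp"
CODE_REQ = 'identifier "com.example.videoapp" and anchor apple generic'

if __name__ == "__main__":
    choices = {"Accessibility": "Allow",
               "ScreenCapture": "AllowStandardUserToSetSystemService"}
    print(build_profile(BUNDLE_ID, CODE_REQ, choices).decode())
```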

Jackie_Mac
New Contributor II

This was really annoying to me until I realized the wisdom behind it. We’re always trying to make things easier for the end user, but as long as we aren’t having to fight the “no admin credentials” issue on screen recording, having the user Allow camera, microphone, and screen recording is best. They need to understand they are making that choice and big brother isn’t out to get them and take away their choices. It’s also a great opportunity to educate them on the use of these settings and what “allowing” things does in the Security and Privacy settings!