Jamf Nation Community

That worked perfectly!! Thank you!

Thanks worked for MacOS 10.14.6 did not work on my Catalina Beta 10.15 (19A546d) test machine.

@mmcchesney have you had any luck with Panopto and Catalina?

@mmcchesney i am having issue with Panopto and like to know if you found any solution for it. Using PPPC to Allow the Screen Capture in Security and Privacy doesn't work and it is only Deny can be selected and that is stopping us to deploy the the application to our staff as it need admin authentication to add[Allow] Screen Capture in Security and Privacy.

@raghdasi @mmcchesney @neil.martin83 did you guys ever figure out the Panopto installation issue via Self Service?

Panopto version 7.2.0

i'm testing on mojave (did not use the script the neil.martin provided), when i run it via SS i get a popup that says 'FAILED TO GET THE REQUIRED PERMISSION. RERUN THE INSTALLER AND ALLOW REQUESTED OPERATION'

is this message what that script is supposed to take care of?

I just was able to succesfully install Panopto 7.2.0 by adding that script to run 'before' the Panopto pkg. From the Panopto help web page for mac instructions i see the following information for 10.14 Mojave (see picture). So this is what the script takes care of from displaying?

now what about macOS 10.15 Catalina?

I wonder if 10.13 will install Panopto via self service without the script?

![optional image ALT text](

)

I believe the script is removing the SERVER that my organization has setup when the installer installs. Now i have to enter the server information when it should be setup already.

I'm afraid I haven't tested with Catalina and I'm not deploying it where I work now.

I would say the best option is to push back to the vendor's support and get them to fix their package so it can accomplish what it needs to do without running a script calling commands that don't have permission due to PPPC. I know they are aware of folks who need to mass-deploy it, but can't.

I believe the script is removing the SERVER that my organization has setup when the installer installs. Now i have to enter the server information when it should be setup already.

It doesn't. This is set in the package's filename when you download it from Panopto (the postinstall derives your server address from that). If you rename the package, then it won't set your server.

Alternatively, (with a proper Apple-native method) you can set it in a Configuration Profile, like this one, for example:

https://github.com/neilmartin83/configuration_profiles/blob/master/Panopto%20-%20Defaults.mobileconf...

@neil.martin83 Yes I had a feeling it was probably because I change the package name when I downloaded it from our organization.

I mentioned it to our support to contact the vendor

@tcandela aye, sadly, pushing back to the vendors is really the only way to get this stuff fixed, vs hacking our own unsupported solutions.

@neil.martin83 yeah, i don't like adding scripts to hack with getting packages like this installed

@neil.martin83 have you ever used that application called Packages to make mac packages?

With Panopto installed on the system with Packages installed, simply run the Packages application, choose the applications folder in the user interface, choose the installed Panopto and build the package.

Im going to try this and test out the resulting pkg on each macOS 10.13 thru 10.15

@tcandela Panopto requires the hidden user account its package postinstall script creates, as the app uses this for background uploading when the user logs out etc. Because of that, repackaging the app by itself won't work.

@neil.martin83 so if a second user logs in to a computer with Panopto installed does it work the same as it does for the original user who logged in an installed it?

@tcandela If you install the original package, yes. I was describing the behaviour where the installer creates a user account called panopto_upload, which the app requires to work.

Hi all,

FYI we have had the same issue, apparently work was done to make the web based version work for this, which is how we use it. I don't know if this was work done specifically for my company or a wider implementation, but might be worth trying this if you still get issues.

Good luck!

I'm wondering if anyone thought about trying:

/usr/local/bin/jamf createAccount -username panopto_upload -realname panopto_upload -home /var/panopto -shell /sbin/nologin -hiddenUser

Before installing, because that works for me.

I know I'm necroing this thread, but I had to give kudos to wakco for this suggestion. I've been pulling my hair out trying to get user creation to work with secure token on OS 10.15 & 11 with no luck. sysadminctl now requires "Terminal" to have access to control your computer, but simply granting access via PPPC doesn't work. There's some other component that's actually requesting access but I can't figure out exactly what that is. The simple solution was to use the jamf binary to create the account, then use sysadminctl to enable the secure token. Bam, easy and no security popups because jamf binary already has a profile allowing access.