Silently "Grant Full Disk Access"?

landon_Starr
Contributor

Hi all,

I'm currently working with Cisco AMP, and I'm curious if there is anyway, be it through scripting, config profile, etc. to silently allow full disk access for it.

I have a PPPC config profile in place that allows AMP access to pretty much everything, but the issue remains that a user needs to drag and drop the "ampdaemon" file into Full Disk Access pane.

Is there anyway to move this file in the background so user intervention isn't needed?

6b6354c1f6624e5592510c129347eb0c

12 REPLIES 12

sshort
Valued Contributor

Can you not drag-and-drop ampdaemon into PPPC Utility when you build the profile?

If not, check out tccprofile, I've had better luck whitelisting app binaries and scripts using that tool.

landon_Starr
Contributor

@sshort that did the trick! I guess I've been messing around with this for so long that idea never crossed my mind.

Thank you!

NielsvdSteen
New Contributor

I had the same issue, so thanks @sshort ! Used PPPC Utility to create the config and it worked like a charm! Now when the new version of AMP is installed it works without user intervention.

e94ea1dcf67e4a3986fa317e99384e0a

Btw it doesn't show in the Security & Privacy in System Preferences like the instructions from AMP shows but it works fine...

MichMich
New Contributor

Hi,

I have a similar issue with Trend Apex One Antivirus. I don't manage to drag and drop the "iCoreService" in PPPC Utility, it won't show up and also get access denied when trying to save in tccprofile. Is there another way to whitelist it to get Full Disk Access?

https://success.trendmicro.com/solution/1122542-preventing-compatibility-issues-in-macos-mojave-10-14-with-worry-free-business-security-services

I could import the file into PPPC utility after copying it to my desktop, then changed the identifier path manually but it did not did the trick... And it never shown under Privacy in Security and Privacy settings vs the PCCC whitelist for Teamviewer does show there.

Am I missing something ? I'm out of ideas...

Thanks in advance!

rrouleau
Contributor

@MichMich You can sudo chmod "iCoreService" to 750 prior to dragging it into the PPPC Utility.
That should give you the results you want. The iCoreService has permissions of 710 normally.

lrgeissbuhler
New Contributor II

Anyone know how to bounce the "icoreservice" with a command so we don't have to reboot a device or re-install trend? @rrouleau thanks for the info, that really helped!

Cayde-6
Valued Contributor

@NielsvdSteen Configuration Profiles for PPPCs do not get reflected in the Security & Privacy section.

End users will not see whether your app has been given full disk access.

jacs
New Contributor

@lrgeissbuhler Did you find a solution for the need to reboot a device?

lrgeissbuhler
New Contributor II

Just received this email yesterday:

Regarding unloading and loading agents.

Here's the instruction:
1. Download the script below:
https://box-us-file.trendmicro-cloud.com/SFDC/external_shared/a525e1b84620371069e974a08ac42258.php
2. On the Mac machine desktop, place the "unload.sh" file.
3. Open terminal.app and run the following commands:
sudo su cd Desktop ./unload.sh

Note: After unloading TMSM, the t-ball icon will still be on the tray.

If you want to reload the TMSM Agent, run the following command in the previous terminal window:

> ./load.sh

StuartJ
New Contributor

@Irgeissbuhler
Did Trend Micro give you a password to unpack the zip file?

lrgeissbuhler
New Contributor II

@StuartJ

At least with the Version we deploy in our environment, I do the following script listed below:

Not the most elegant thing int he world however, it works for us, you may not want to do this if you want version control, as this will give you the most up to date version always.

(Replace <URL> with the fully qualified path in your trend instance, to the installer file)

#!/bin/bash
#Switch to the /tmp directory
cd /tmp
#Download the Trend installer
curl -O -k https://<URL>/tmsminstall.zip
#Unzip the installer
unzip /tmp/tmsminstall.zip
#Install the Trend Software
installer -pkg /tmp/tmsminstall/tmsminstall.pkg -target /
#Clean up the folder
rm tmsminstall.zip
rm -rf /tmp/tmsminstall
exit 0

user-kDXbOofSkL
New Contributor

I have an issue with the PPPC utility with giving access to full disk with some apps. I get the following error "'Authorization' has an invalid value." And yes I checked the "Big Sur Compatibility" slider to make sure it would work with Big Sur. Any suggestions?