Posted on 04-05-2023 03:33 PM
I have installed Ivanti client and connected to it, I am using a PSAM feature. To use this I need to get a system extension blocked for the SAM. And I need to allow it on the Security & Privacy section.
Issue: I am not getting this prompt nor appeared in the Security & Privacy section.
Can any one help me on this.
Do we have any terminal command or any other process to enable the system extensions prompt? OR to manually allow this extensions?
Posted on 04-06-2023 04:44 AM
System Extensions on macOS can be buggy, and vendor support of them is still a bit flaky at times. System Extensions are also a pain to troubleshoot due to SIP.
systemextensionsctl list
The output should look something like this. Note the status of active waiting for user, this would be waiting on a user prompt to approve. If its already been approved by MDM or User it will say activated enabled instead of waiting for user. If you remove a system extension the status will be waiting on reboot to remove.
SystemExtensionsSuck:~User$ systemextensionsctl list
1 extension(s)
--- com.apple.system_extension.network_extension
enabled active teamID bundleID (version) name [state]
* DE8Y96K9QP com.cisco.anyconnect.macos.acsockext (4.9.04053/4.9.04053) Cisco AnyConnect Socket Filter Extension [activated waiting for user]
You can use the code sign binary to get the information to make the configuration profile to approve the system extension. Or you can use The Show Me Your ID app to get the same information. The vendor should also have documentation for making the configuration profile to approve their system extension. Only do the leg work yourself if absolutely necessary or you prefer doing it yourself.
HCS Technology Group - Show Me Your ID 3.0 (hcsonline.com)
codesign -display -r - {path to application without brackets}
User@SystemExtensionsSuck ~ % codesign -display -r - /Applications/ProfileCreator.app
Executable=/Applications/ProfileCreator.app/Contents/MacOS/ProfileCreator
# designated => cdhash H"1c14f6107dea3c5eb18002499388751ea0e48acd"