Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Posting Remote Management TCC profile
Posting Remote Management TCC profile, for use with ARD's kickstart command-line utility: https://support.apple.com/HT209161
- Loading branch information
Showing
4 changed files
with
77 additions
and
0 deletions.
There are no files selected for viewing
16 changes: 16 additions & 0 deletions
16
Privacy Settings Whitelist - Apple/Remote Management/README.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
The command below will use tccprofile.py to generate a whitelist profile with the following characteristics: | ||
|
||
Allow Post Event control: | ||
|
||
/System/Library/CoreServices/RemoteManagement/ScreensharingAgent.bundle | ||
|
||
Used with the kickstart command-line utility on macOS Mojave to allow remote observation and control: | ||
|
||
https://support.apple.com/HT209161 | ||
|
||
|
||
Command used with tccprofile.py to generate the profile: | ||
|
||
/path/to/tccprofile.py --post-event "/System/Library/CoreServices/RemoteManagement/ScreensharingAgent.bundle" --allow --payload-description="This profile allows Allow Control mode when starting Apple Remote Management via kickstart" --payload-identifier="com.company.appleremotemanagement.tcc.privacy.whitelist" --payload-name="Privacy Settings Whitelist - Apple Remote Management" --payload-org="Company Name" --payload-version="1" -o Apple_Remote_Management_Control_And_Observe_v1.mobileconfig | ||
|
||
|
61 changes: 61 additions & 0 deletions
61
...le/Remote Management/Unsigned/Apple_Remote_Management_Control_And_Observe_v1.mobileconfig
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | ||
<plist version="1.0"> | ||
<dict> | ||
<key>PayloadContent</key> | ||
<array> | ||
<dict> | ||
<key>PayloadDescription</key> | ||
<string>This profile allows Allow Control mode when starting Apple Remote Management via kickstart</string> | ||
<key>PayloadDisplayName</key> | ||
<string>Privacy Settings Whitelist - Apple Remote Management</string> | ||
<key>PayloadIdentifier</key> | ||
<string>com.company.appleremotemanagement.tcc.privacy.whitelist.220EF6C5-D07A-11E8-ADF6-D0817ADA38E4</string> | ||
<key>PayloadOrganization</key> | ||
<string>Company Name</string> | ||
<key>PayloadType</key> | ||
<string>com.apple.TCC.configuration-profile-policy</string> | ||
<key>PayloadUUID</key> | ||
<string>220EF6C5-D07A-11E8-ADF6-D0817ADA38E4</string> | ||
<key>PayloadVersion</key> | ||
<integer>1</integer> | ||
<key>Services</key> | ||
<dict> | ||
<key>PostEvent</key> | ||
<array> | ||
<dict> | ||
<key>Allowed</key> | ||
<true/> | ||
<key>CodeRequirement</key> | ||
<string>identifier "com.apple.screensharing.agent" and anchor apple</string> | ||
<key>Comment</key> | ||
<string>Allow PostEvent control for ScreensharingAgent</string> | ||
<key>Identifier</key> | ||
<string>com.apple.screensharing.agent</string> | ||
<key>IdentifierType</key> | ||
<string>bundleID</string> | ||
</dict> | ||
</array> | ||
</dict> | ||
</dict> | ||
</array> | ||
<key>PayloadDescription</key> | ||
<string>This profile allows Allow Control mode when starting Apple Remote Management via kickstart</string> | ||
<key>PayloadDisplayName</key> | ||
<string>Privacy Settings Whitelist - Apple Remote Management</string> | ||
<key>PayloadIdentifier</key> | ||
<string>com.company.appleremotemanagement.tcc.privacy.whitelist</string> | ||
<key>PayloadOrganization</key> | ||
<string>Company Name</string> | ||
<key>PayloadRemovalDisallowed</key> | ||
<false/> | ||
<key>PayloadScope</key> | ||
<string>system</string> | ||
<key>PayloadType</key> | ||
<string>Configuration</string> | ||
<key>PayloadUUID</key> | ||
<string>221000F0-D07A-11E8-811E-D0817ADA38E4</string> | ||
<key>PayloadVersion</key> | ||
<integer>1</integer> | ||
</dict> | ||
</plist> |
File renamed without changes.
File renamed without changes.