Jump to content

Recommended Posts

Posted

Many apps on macOS require an admin user to allow certain privacy & security settings, e.g. Teams needs Accessibility access and screen recording rights.

Is there a way to deploy these settings through profiles or maybe even elevate a normal user to grant specific rights?

(Another example: I can't pause/unpause a printer from the print center because this requires admin privileges)

  • Moderators
Posted

TCC/PPPC rights, as they are known, are managed with Security & Privacy profiles.  There are two different Security & Privacy Profile types (Apple used to have this all in one profile and then they split out TCC from the rest):

 

There are two profiles in our example TeamViewer recipe which offers two approaches to options which you may find useful, since there will be some similarity:

https://kb.filewave.com/books/teamviewer/page/teamviewer-macos-client-setup

Apple never made this easy, when it comes to identifying what is required:

https://kb.filewave.com/books/profiles-apple/page/macos-privacy-preferences-payload-in-mojave-1014

But you may well find examples on the Web specifically for Teams.  Many major vendors supply the necessary details to configure these settings.

 

Printer settings are different.  This is standard admin permissions and staff users do not have the ability to manage many print features by default.  However, you can add users to additional groups.  Something like:

/usr/sbin/dseditgroup -o edit -n /Local/Default -a staff -t group lpadmin

 

  • Like 1
  • Thanks 1
  • 1 month later...

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...