2024-10-31 21:48:6 Author: derflounder.wordpress.com(查看原文) 阅读量:9 收藏
Home > Mac administration, macOS, Management Profiles > Managing user notifications for apps which request screen access on macOS Sequoia 15.1
Managing user notifications for apps which request screen access on macOS Sequoia 15.1
As part of the macOS Sequoia 15.1 release notes, this section is included:
MDM profiles can use the new key ‘forceBypassScreenCaptureAlert’, which allows owners of managed devices to opt out of user notifications for content capture technologies. (131327961)
What’s this note discussing? It’s referring to a user notification that Apple introduced in macOS Sequoia for apps which request screen access but aren’t using Apple’s SCContentSharingPickerMode API to do so. A good example is the user notification for the Zoom app, which uses screen access for video conferencing.
These user notifications appear monthly and request the user to choose whether or not they want to allow this access for the app in question.
For Mac environments which want to manage these notifications and prevent them from being displayed to their users, Apple has provided management options as part of macOS Sequoia 15.1. For more details, please see below the jump.
The relevant preference domain and key values are listed below:
- Preference domain: com.apple.applicationaccess
- Key: forceBypassScreenCaptureAlert
- Value: Boolean
It’s important to note that while this management setting works on macOS Sequoia 15.1, it is not available to macOS Sequoia 15.0.1, 15.0.0 or earlier versions of macOS.
These settings can be managed by a configuration profile, where setting a boolean value of true will disable the user notifications. Please see below for an example profile. The example profile is also available via the following link:
https://github.com/rtrouton/profiles/tree/main/DisableScreenAccessRequestUserNotifications
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>PayloadContent</key> | |
| <array> | |
| <dict> | |
| <key>PayloadDisplayName</key> | |
| <string>Restrictions</string> | |
| <key>PayloadIdentifier</key> | |
| <string>com.apple.applicationaccess.C70F311D-B330-4620-9097-F98FD7E39E33</string> | |
| <key>PayloadType</key> | |
| <string>com.apple.applicationaccess</string> | |
| <key>PayloadUUID</key> | |
| <string>C70F311D-B330-4620-9097-F98FD7E39E33</string> | |
| <key>PayloadVersion</key> | |
| <integer>1</integer> | |
| <key>forceBypassScreenCaptureAlert</key> | |
| <true/> | |
| </dict> | |
| </array> | |
| <key>PayloadDescription</key> | |
| <string>Disables user notifications for apps which request screen access</string> | |
| <key>PayloadDisplayName</key> | |
| <string>Disable Screen Access Request User Notifications</string> | |
| <key>PayloadIdentifier</key> | |
| <string>1A6E3566-0112-40F7-A49F-416D99C61566</string> | |
| <key>PayloadOrganization</key> | |
| <string>Company Name</string> | |
| <key>PayloadScope</key> | |
| <string>System</string> | |
| <key>PayloadType</key> | |
| <string>Configuration</string> | |
| <key>PayloadUUID</key> | |
| <string>1A6E3566-0112-40F7-A49F-416D99C61566</string> | |
| <key>PayloadVersion</key> | |
| <integer>1</integer> | |
| </dict> | |
| </plist> |
Note: If you’re planning to use the example profile with Jamf Pro, it will need to be signed before it can be uploaded to Jamf Pro. If you’re not familiar with how to sign profiles, the post linked below is a good guide to how that process works:
https://macblog.org/sign-configuration-profiles/
As an alternative, you can use the Application & Custom Settings profile payload in Jamf Pro with the plist shown below to create a profile with the same functionality as the example profile.
如有侵权请联系:admin#unsafe.sh