search

poundbangbash / community-screenrecording-pppc-profile

Management profile for MDM of all community provided apps that use ScreenRecording on macOS
174 stars 55 forks source link

More Information please #20

Closed xastherion closed 1 year ago

xastherion commented 3 years ago

Hi people, Very nice idee! Thanks! But unfortunately i don´t achieve to use it. I have a MDM solution (Profilemanager :-( sorry about) and i know ProfileCreator, Munki and another tools.

i think the step 2:

  1. Run codesign -dr - /path/to/app to get the codesign designation. is for the application self (doesn´t work with the profile), also Teams, Zoom or Firefox. I use it so and go well.

I don´t find any way to put this Profile in my Profilemanager, i think maybe Custom Settings, but here you can´t put a Profile, only a plist. I Try to convert this with ProfileCreator, but this don´t go to .plist.

If i only open the profil in the target computer, i become this as "Unsigned". If i still install it, i become the message:

"profile installation failed. The profile must originate from a user aproved MDM server".

How can i approve this profile in my MDM Server?

Maybe it is another way to configure it over this Custom Settings, but how?

By the way, the stupid Security Restriction from Apple ist a big problem for wide organizations with Macs without Users with administration rights. I see your solution is a more posible to achieve our goals, but the information about is some poor (for me). Maybe only a bunch of links, can help me and another people with my same problems.

Please can you better explain how to sing the profil, load in mdm, install on mac a so on?

Regards Xastherion

angela-d commented 2 years ago

Based on the date of this, I assume you already found a solution.

Posting here in case someone else also has this question, in the future.

How you import it depends on your MDM. I've never used the ones you mentioned, but .mobileconfig cannot be imported the same as .plist (at least, in my experience with Filewave MDM)

This is how I imported the .mobileconfig from this repo into Filewave, maybe it'll be similar to yours?:

  1. New Desktop Fileset
  2. Import
  3. Attach the raw code (xml values only, without Github's line numbering)

In summary, I did not create the profile ahead of time. I simply went to where I import a pre-made profile, which is what this is.

After you've imported it, you can name it or remove apps your organization doesn't use, and also add apps that might not already be listed.

DTIEDL commented 2 years ago

Any one use this to import into Jamf?

poundbangbash commented 1 year ago

angela-d's answer addresses the initial question. This is not an issue with the code or project itself so I'm closing this Issue on the repo. If you have futher questions regarding PPPC profiles in MDM, please reach out in the Macadmins Slack or talk to your MDM vendor.

Note, this profile is not intended to be used verbatim as that would allow the user to allow screen recording for apps that you may not want them to use. This project is to provide structured data in a way that is easy to self-edit to quickly allow apps that are in your interest.