Help

Enabling/Whitelisting Kernel Extensions -Catalina

rmgmedia
New Contributor III

Posted on ‎03-13-2020 08:56 AM

I am looking for a way to enable/allow a specific Kernel Extension. More specifically, VirtualBox. This is killing our use of VB on new machines and I have to basically do a remote session with every user and enable manually since they are not local admins.

Labels:
0 Kudos
4 REPLIES 4

sdagley
Esteemed Contributor II

Posted on ‎03-13-2020 09:23 AM

@rmgmedia You will find a lot of discussions about creating PPPC Configuration Profiles (what you're looking for) on Jamf Nation. This would be a good start:
PPPC and every app known to IT

rmgmedia
New Contributor III

Posted on ‎03-16-2020 08:24 AM

@sdagley Thanks. I found some helpful things, but I cannot figure out what to do if, when creating the PPPC, the only option I get is 'Deny'.
For example:
Zoom requires Screen Recording enabled, when I try to create a PPPC for it (using the Utility or from the JAMF server), I only get the 'Deny' option. What are my options?

0 Kudos

sdagley
Esteemed Contributor II

Posted on ‎03-16-2020 12:49 PM

@rmgmedia In a word, nothing. Any access for camera, microphone, or screen recording requires explicit user permission to enable. As you've discovered the only thing you can set for those via with a PPPC profile is Deny. This is not a shortcoming of Jamf Pro, just how Apple designed the permissions system.

rmgmedia
New Contributor III

Posted on ‎03-16-2020 02:27 PM

@sdagley Yeah. I've been reading about that. It's really getting in the way of new deployments.
I got the KEXT pretty much figured out (it's actually less complicated than I thought). Just have to deal with the PPPCs now.