macOS Privacy Preferences Full Disk Access

dbooth
Level 5

Hi. Does anyone have any insights into configuring a Privacy Preferences payload for macOS to give an application Full Disk Access (the permission shown in Systems Manager is 'System Policy All Files')? I am trying to do this for Cisco Secure Client & Cisco Secure Endpoint, using the Secure Endpoint published documentation (by specifying the BundleID), but it just doesn't seem to get applied. I've checked the BundleID given in the documentation matches the application when installed and it does. Thanks

Accepted Solutions

dbooth
Level 5

It turns out that when you configure the Full Disk Access permissions it doesn't get reflected in the GUI on the device, so when I was thinking it wasn't being applied it actually was. There's just no way of verifying the policy is being applied on the end device other than if the application you're granting the permission to starts working correctly/stops complaining.


5 Replies

aleabrahao
Meraki Community All-Star

Cisco Secure Endpoint requires Full Disk Access for versions 1.18.0 and newer. Ensure your connector version is compatible.

Configure Permissions for Secure Endpoint Mac Connector and Orbital with MDM: Full Disk Access, System Extensions - Cisco

macOS 11+ requires System Extensions approval for Cisco Secure Client. You may need a separate payload for this.

Cisco Secure Client (including AnyConnect) Administrator Guide, Release 5 - Appendix: Cisco Secure Client Changes Related to macOS 11 (And Later) [Cisco Secure Client (including AnyConnect)] - Cisco

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Hi Alessandro, thanks, these were the documents I had found originally to help me try and apply these settings.

BlakeRichardson
Meraki Community All-Star

Try this utility.

https://github.com/jamf/PPPC-Utility

I have started seeing vendors provide a mobileconfig.profile for users to upload to their MDM that contains all of the relevant settings, so hopefully Cisco does this soon.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Blake, I had seen mentions of such utilities so thanks for the link.
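An added example, not part of the original thread or of Cisco's documentation: a Python check of an unsigned `.mobileconfig` before it is uploaded to the MDM, confirming that each `SystemPolicyAllFiles` (Full Disk Access) entry carries the keys Apple's Privacy Preferences payload requires. The bundle IDs and code requirement in the sample are constructed placeholders, and `check_full_disk_access` is a hypothetical helper name.

```python
import plistlib

PPPC_TYPE = "com.apple.TCC.configuration-profile-policy"
FDA_SERVICE = "SystemPolicyAllFiles"  # shown as Full Disk Access on the Mac

# Constructed sample profile. The bundle IDs and code requirement are
# placeholders, not the values from Cisco's documentation.
SAMPLE_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadIdentifier": "com.example.pppc",
    "PayloadContent": [{
        "PayloadType": PPPC_TYPE,
        "Services": {FDA_SERVICE: [
            {"Identifier": "com.example.agent", "IdentifierType": "bundleID",
             "CodeRequirement": 'identifier "com.example.agent" and anchor apple generic',
             "Allowed": True},
            # Second entry omits CodeRequirement, which the payload requires.
            {"Identifier": "com.example.helper", "IdentifierType": "bundleID",
             "Allowed": True},
        ]},
    }],
})


def check_full_disk_access(profile_bytes):
    """Return (granted, problems) for the profile's SystemPolicyAllFiles entries."""
    profile = plistlib.loads(profile_bytes)
    granted, problems = [], []
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") != PPPC_TYPE:
            continue
        for entry in payload.get("Services", {}).get(FDA_SERVICE, []):
            ident = entry.get("Identifier", "<missing Identifier>")
            issues = []
            if "Identifier" not in entry:
                issues.append("Identifier is missing")
            if entry.get("IdentifierType") not in ("bundleID", "path"):
                issues.append("IdentifierType must be bundleID or path")
            if not entry.get("CodeRequirement"):
                issues.append("CodeRequirement is missing")
            # Older payloads use the boolean Allowed; macOS 11+ also accepts Authorization.
            if not (entry.get("Allowed") is True or entry.get("Authorization") == "Allow"):
                issues.append("entry does not allow access")
            if issues:
                problems.extend(f"{ident}: {i}" for i in issues)
            else:
                granted.append(ident)
    return granted, problems


if __name__ == "__main__":
    print(check_full_disk_access(SAMPLE_PROFILE))
```

A profile signed by the MDM or vendor is CMS-wrapped and has to be unwrapped before `plistlib` can read it. The real code requirement for an installed application can be read with `codesign -dr - /path/to/App.app`.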
