Skip to main content

Scalefusion macOS PPPC Configuration (Privacy Permissions)


This guide explains how to configure Privacy Preferences Policy Control (PPPC) in Scalefusion for macOS devices. This allows permissions like Accessibility, Full Disk Access, and Screen Recording to be granted silently via MDM.

Overview

PPPC policies control macOS privacy permissions for applications such as:

  • MDM agents
  • Remote support tools
  • Monitoring and security applications

Common applications:

  • Scalefusion MDM Client
  • Remote Support
Important: Devices must be Supervised and enrolled via Apple Business Manager / Apple School Manager (ADE). Otherwise, macOS will ignore or partially apply these settings.

Prerequisites

  • Device enrolled in Scalefusion MDM
  • Device is supervised
  • Access to Terminal on a Mac
  • Application installed or available on the system

Step 1 – Get Bundle ID

Scalefusion MDM Client:

osascript -e 'id of app "Scalefusion-MDM Client"'

Remote Support:

osascript -e 'id of app "Remote Support"'

Example output:

com.promobitech.scalefusion.mac

Step 2 – Get Code Requirement

Scalefusion MDM Client:

codesign -dr - "/Applications/Scalefusion-MDM Client.app" 2>&1

Remote Support:

codesign -dr - "/Applications/Remote Support.app" 2>&1

Example output:

designated => identifier "com.promobitech.scalefusion.mac" and anchor apple generic ...

Important: Copy everything after designated => as a single line.

Step 3 – Configure in Scalefusion

Navigate to:

Device Profiles & Policies → Apple Configurations → Privacy Preferences (PPPC)

Step 4 – Create App Permission Entry

Field Value
Identifier Type Bundle ID
Bundle ID From Step 1
Code Requirement From Step 2
Static Code Unchecked
State Grant

Step 5 – Required Permissions

Scalefusion MDM Client:

  • Accessibility → Grant
  • Full Disk Access → Grant
  • Reminders → Grant

Remote Support:

  • Accessibility → Grant
  • Screen Recording → Grant
  • Full Disk Access → Grant (optional)

Common Mistakes

  • Using "/" in Code Requirement → Incorrect
  • Wrong app name/path → Must match exactly
  • Multi-line Code Requirement → Must be single line
  • Wrong Bundle ID → Each app is different

Verification

  1. Open System Settings
  2. Go to Privacy & Security
  3. Check:
    • Accessibility
    • Full Disk Access
    • Screen Recording
  4. Confirm the app is already enabled

Troubleshooting

  • Ensure device is supervised
  • Ensure ADE enrollment
  • Verify Bundle ID and Code Requirement
  • Ensure app is installed via MDM

Summary

To successfully configure PPPC in Scalefusion:

  • Use correct Bundle ID
  • Use exact Code Requirement
  • Ensure proper MDM supervision

When done correctly, permissions are granted automatically with no user interaction required.

No comments to display

Back to top