The easiest way to distribute the necessary Privacy Preference payload is to upload the MDM-privacyconfig.mobileconfig file, which is in the mounted DMG of the installer in the docs folder.

The following steps recreate the mobileconfig in your MDM.

These instructions were created using Apple documentation and were validated in Jamf PRO and WorkspaceONE UEM using sensor version 3.5.0.30. Field names, values, and functionality vary depending on the MDM framework or sensor version.

Granting an application full disk access is accomplished via a Privacy Preferences payload. The Carbon Black Cloud Sensor requires five identifiers in this Privacy payload.

Procedure

  • The fields should be completed exactly as follows. Copy and paste for accuracy.

    Identifier: com.vmware.carbonblack.cloud.daemon

    Identifier Type: Bundle ID

    Code Requirement:

    identifier "com.vmware.carbonblack.cloud.daemon" and anchor apple generic 
                            and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and 
                            certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and 
                            certificate leaf[subject.OU] = "7AGZNQ2S2T"

    App or Service: SystemPolicyAllFiles

    Access: Allow

    Identifier: com.vmware.carbonblack.cloud.osqueryi

    Identifier Type: Bundle ID

    Code Requirement:

    identifier "com.vmware.carbonblack.cloud.osqueryi" and anchor apple generic 
                            and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and 
                            certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and 
                            certificate leaf[subject.OU] = "7AGZNQ2S2T"

    App or Service: SystemPolicyAllFiles

    Access: Allow

    Identifier: com.vmware.carbonblack.cloud.se-agent.extension

    Identifier Type: Bundle ID

    Code Requirement:

    identifier "com.vmware.carbonblack.cloud.se-agent.extension" and anchor apple generic 
                            and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */and 
                            certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and 
                            certificate leaf[subject.OU] = "7AGZNQ2S2T"

    App or Service: SystemPolicyAllFiles

    Access: Allow

    Identifier: com.vmware.carbonblack.cloud.uninstall

    Identifier Type: Bundle ID

    Code Requirement:

    identifier "com.vmware.carbonblack.cloud.uninstall" and anchor apple generic 
                            and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and 
                            certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and 
                            certificate leaf[subject.OU] = "7AGZNQ2S2T"

    App or Service: SystemPolicyAllFiles

    Access: Allow

    Identifier: com.vmware.carbonblack.cloud.uninstallerui

    Identifier Type: Bundle ID

    Code Requirement:

    identifier "com.vmware.carbonblack.cloud.uninstallerui" and anchor apple 
                            generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and 
                            certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and 
                            certificate leaf[subject.OU] = "7AGZNQ2S2T"

    App or Service: SystemPolicyAllFiles

    Access: Allow