Meraki

Community

m_agent Events access

Solved
_aDiedericks
Getting noticed
‎Jun 22 2022 9:22 AM
‎Jun 22 2022 9:22 AM

m_agent Events access

Hi there,

Can anyone confirm if m_agent on MacOS requires any System Extension permissions to be added. We're seeing the below popup when pushing a notification to devices that have m_agent privacy permissions already configured for accessibility, full disk access and screen record.

Screenshot 2022-06-22 at 17.21.05.png

Labels:
0 Kudos
1 Accepted Solution
MattMorg
Meraki Employee
Meraki Employee
‎Jun 22 2022 11:14 AM
‎Jun 22 2022 11:14 AM

macOS devices should get a profile (automatically) called "Meraki Agent Settings for {network_name}". This profile contains all the appropriate Privacy Preferences Policy Control (PPPC) settings for the SM agent to function. First check and see if this profile is installed or not, you should see it installed locally in the Systems Preferences app on macOS, or in the Profile List in Dashboard. If this profile is installed fine but not enabling these permissions, please open a support case and share the example device + SM agent version. Also, if there's a specific action (such as send notification) causing this prompt, please share it in the support case for further review. Thank you! 

View solution in original post

6 Replies 6
MattMorg
Meraki Employee
Meraki Employee
‎Jun 22 2022 11:14 AM
‎Jun 22 2022 11:14 AM

macOS devices should get a profile (automatically) called "Meraki Agent Settings for {network_name}". This profile contains all the appropriate Privacy Preferences Policy Control (PPPC) settings for the SM agent to function. First check and see if this profile is installed or not, you should see it installed locally in the Systems Preferences app on macOS, or in the Profile List in Dashboard. If this profile is installed fine but not enabling these permissions, please open a support case and share the example device + SM agent version. Also, if there's a specific action (such as send notification) causing this prompt, please share it in the support case for further review. Thank you! 

In response to MattMorg
_aDiedericks
Getting noticed
‎Jun 22 2022 12:27 PM
‎Jun 22 2022 12:27 PM

We're seeing a similar issue onboarding Sophos onto the end user's machine our process if manual.
1. Enroll via enrollment string

2. Wait for PPPC to be pushed to the machine
3. Install Sophos

Once we install Sophos we still get a message like the above for a system extension that's made for Network Filtering even though we've added it to System Extension config in profiles   

0 Kudos
In response to MattMorg
_aDiedericks
Getting noticed
‎Jun 29 2022 3:48 AM
‎Jun 29 2022 3:48 AM

You are 100% correct, we had a few causes where the above popup appeared. None of those devices have the SM agent policy pushed

In response to MattMorg
JRogers
Comes here often
‎Jul 14 2022 10:06 AM
‎Jul 14 2022 10:06 AM

Is this profile automatically created in the Meraki Dashboard, or is this something we must create?

I ask because I have a profile in Meraki Dashboard that is named Meraki Agent Settings for ...  However, it is a "custom Apple profile"  (.mobileconfig).

It's been a while, and I can't remember if this is something I did, or if this just appeared.

We are seeing issues where this profile is installed, but end user is still being prompted to allow.

0 Kudos
In response to JRogers
MattMorg
Meraki Employee
Meraki Employee
‎Jul 14 2022 10:34 AM
‎Jul 14 2022 10:34 AM

@JRogers the profile for the agent's permissions should be created automatically. If you're not seeing that: make sure the device is enrolled with the MDM profile (not just the agent), and using a newer version of the agent (anything over 3.1.X should be good) which can be set in SM > Configure > General. After that, the agent's permission profile should be installed from SM automatically on macOS devices. 

0 Kudos
Richard_W
A model citizen
‎Aug 1 2024 8:49 AM
‎Aug 1 2024 8:49 AM

So why am I still not able to control via remote access/screenshot without the screenshot from above. I posed this question to support and they stated that I had to deploy my own PPPC and that @MattMorg  was incorrect in his statements. Any solutions?

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.