How to Manage App Permissions When Using Intune on macOS?

By
Anthony Fisher
-
0
7
Asked By TechSavvyMonster89 On

I'm working with Intune and the Company Portal to deploy apps on macOS, but I'm running into issues with app ownership and permissions. When apps are installed, they seem to be owned by root, which triggers a prompt for admin permissions to install a helper tool when the app is launched. I've found two possible workarounds: 1) changing the ownership of the app to the user with a command like `chown -R "$(stat -f '%Su' /dev/console)":staff /Applications/$AppName.app` and 2) disabling the auto-update feature for the app to avoid the prompt. However, we really want the apps to update automatically, especially since Intune doesn't manage updates well. Would it make sense to implement the ownership change command as a post-install script for every app we deploy? Also, we prefer not to give admin rights to all our Mac users. Additionally, I've considered using a tool like App-Auto-Patch for managing updates, but it doesn't solve the helper tool issue. What are the best practices for handling this?

3 Answers

Answered By GadgetGuru92 On

It sounds like you're in a bit of a tough spot! From what I've seen, configuring the app permissions through profiles might help without needing to give users admin access. Have you looked into whether Intune can set ownership during the deployment process?

Answered By MaverickCoder23 On

I had a similar issue and found that creating a user-specific applications folder helped. It seems apps don’t prompt for admin permissions in that case, especially certain ones like Firefox. I think that might be a more manageable route with Intune, but I haven’t fully figured it out yet.

Answered By AdminWhisperer11 On

You raise a good point about the helper tool prompts. To your suggestion about running the ownership command as a post-install script, that could work, but I'd recommend being cautious. It's great to hear you're considering tools like App-Auto-Patch for updates; they can definitely help, but you'll need to find a balance between user permissions and update automation.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.