Workspace ONE - Screen Capture Privacy Profile Creation

Standard macOS users are unable to screen capture in later versions of macOS. Creating and applying these profiles provides a workaround for this.

Create New Profile

  1. From within the WS1 console, go to Resources > Profiles & Baselines > Profiles > Add > Add Profile
  2. Choose Apple macOS > Device Profile
  3. Fill out the General tab:
    1. Name: Give your profile a name following the WS1 naming convention
    2. Version: Increments every time a change is made
    3. Description: Description of what your new policy does
    4. Deployment: Managed
    5. Assignment Type: Auto
    6. Allow Removal: Always
    7. Managed By: <Your Group Here>
    8.  Smart Groups: The Smart (Assignment) groups that will use this policy, assigning groups by sub-department is preferred, as they can easily be removed as the upgrade rolls out
    9. Exclusions: Yes/No
    10. Excluded Groups: <Fill in if necessary >
    11. Additional Assignment Criteria: <Fill in if necessary>

Screen Capture Profile Specifics

Privacy Preferences > Configure

    • Teams

      • Identifier: com.microsoft.teams 
      • Code Requirement: identifier "com.microsoft.teams" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9
      • Define App or Process: Screen Capture: Allow Standard User to Set System Service

    • WebEx

      • Identifier: Cisco-Systems.Spark 
      • Code Requirement: identifier "Cisco-Systems.Spark" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = DE8Y96K9QP
      • Define App or Process: Screen Capture: Allow Standard User to Set System Service

    • Zoom

      • Identifier: us.zoom.xos
      • Code Requirement: identifier "us.zoom.xos" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = BJ4HAAB9B3
      • Define App or Process: Screen Capture: Allow Standard User to Set System Service

    • Bomgar

      • Identifier: com.bomgar.bomgar-scc
      • Code Requirement: identifier "com.bomgar.bomgar-scc" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = B65TM49E24
      • Define App or Process: Accessibility: Allow, System Policy All Files: Allow, System Policy Sys Admin Files: Allow, Screen Capture: Allow Standard User to Set System Service

Keywords:
WS1 WorkspaceOne Profile Privacy screen share capture 
Doc ID:
124635
Owned by:
Tanya D. in DoIT Departmental Support
Created:
2023-03-07
Updated:
2025-03-24
Sites:
DoIT Departmental Support