Workspace ONE - Screen Capture Privacy Profile Creation

In recent versions of macOS standard users are unable to enable screen capture by default, instead requiring administrative user credentials to do so. Standard users can be allowed to do this using an MDM profile assigned to the device. This document describes the profile settings required to accomplish this for common campus applications.
[Doc 128167 content is unavailable at this time.]

Screen Capture Profile Specifics

From the Privacy Preferences payload tab, add the applications below of your choosing:

BeyondTrust Remote Support (formerly Bomgar)

  • Identifier: com.bomgar.bomgar-scc
  • Identifier Type: Bundle ID
  • Code Requirement: identifier "com.bomgar.bomgar-scc" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = B65TM49E24
  • Services:
    • Accessibility: Allow
    • System Policy All Files: Allow
    • System Policy Sys Admin Files: Allow
    • Screen Capture: Allow Standard User to Set System Service

DisplayLink Manager

  • Identifier: com.displaylink.DisplayLinkUserAgent
  • Identifier Type: Bundle ID
  • Code Requirement: anchor apple generic and identifier "com.displaylink.DisplayLinkUserAgent" and certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "73YQY62QM3"
  • Services:
    • Screen Capture: Allow Standard User to Set System Service

    Microsoft Teams (Classic)

    • Identifier: com.microsoft.teams
    • Identifier Type: Bundle ID
    • Code Requirement: identifier "com.microsoft.teams" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9
    • Services:
      • Screen Capture: Allow Standard User to Set System Service

      Microsoft Teams (New)

      • Identifier: com.microsoft.teams2
      • Identifier Type: Bundle ID
      • Code Requirement: identifier "com.microsoft.teams2" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9
      • Services:
        • Screen Capture: Allow Standard User to Set System Service

        Webex

        • Identifier: com.webex.meetingmanager
        • Identifier Type: Bundle ID
        • Code Requirement: identifier "com.webex.meetingmanager" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = DE8Y96K9QP
        • Services:
          • Screen Capture: Allow Standard User to Set System Service

        Zoom

        • Identifier: us.zoom.xos
        • Identifier Type: Bundle ID
        • Code Requirement: identifier "us.zoom.xos" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = BJ4HAAB9B3
        • Services:
          • Screen Capture: Allow Standard User to Set System Service

        Keywords:
        WS1 WorkspaceOne Profile Privacy screen share capture recording pppc 
        Doc ID:
        124636
        Owned by:
        Tanya D. in Endpoint Management
        Created:
        2023-03-07
        Updated:
        2024-03-20
        Sites:
        DoIT Help Desk, Endpoint Management
        Clean URL:
        https://kb.wisc.edu/workspace-one-screen-capture-privacy-profile-creation