When deploying a preference file (".plist") through MS Endpoint Manager ("Intune") to a supervised MacBook Pro I get a an error:
Setting name: ConfigurationXmlPcl
Error codes: -2016341103 and 0x87d11391
This is the preference file I am using:
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>EnableMediaRouter</key>
<false />
<key>HomepageLocation</key>
<string>https://somesubdomain.sharepoint.com</string>
<key>NewTabPageSearchBox</key>
<string>redirect</string>
<key>PasswordManagerEnabled</key>
<false />
<key>PasswordProtectionChangePasswordURL</key>
<string>https://passwordreset.somedomain.com</string>
</dict>
</plist>
Tried to search for the setting and the error codes, but could not find anything related to Intune.
Any push in the right direction is much appreciated.
I was having the same issue and error codes except trying to push Zoom configurations.
I was able to resolve this by stripping the all additional tags (, , etc) and leaving only values. For example my edited .plist looked like this:
<key>ZAutoSSOLogin</key>
<false/>
<key>ZSSOHost</key>
<string>******.zoom.us</string>
Also I had the 'Preference domain name'/App ID wrong and had to correct it (had entered us.zoom.voice and the actual App ID for Zoom for Mac is us.zoom.xos.)
Hope this helps.
How have you managed to define into your preference file the "PackageRecommand" settings with all the others.
I know that MS says to no include any dict bracket but i do not see any other ways to get all settings, and I followed the Zoom article.
For example, my preference file is looking as below
<dict>
<key>nogoogle</key>
<true/>
<key>nofacebook</key>
<true/>
<key>NoSSO</key>
<true/>
<key>KeepSignedIn</key>
<true/>
<key>zAutoUpdate</key>
<true/>
<key>EnableSilentAutoUpdate</key>
<true/>
<key>AlwaysCheckLatestVersion</key>
<true/>
<key>disableDaemonInstall</key>
<false/>
<key>Login_Domain</key>
<string>CorrectDomainName</string>
<key>EnableMirrorEffect</key>
<true/>
<key>PackageRecommend</key>
<dict>
<key>ZDisableVideo</key>
<false/>
<key>DisableComputerAudio</key>
<false/>
<key>MuteWhenLockScreen</key>
<true/>
<key>ZAutoJoinVoip</key>
<false/>
<key>AudioAutoAdjust</key>
<true/>
<key>ZDualMonitorOn</key>
<false/>
<key>ZAutoFullScreenWhenViewShare</key>
<false/>
<key>ZAutoFitWhenViewShare</key>
<true/>
<key>zDisableAnnotation</key>
<false/>
<key>EnableDoNotDisturbInSharing</key>
<true/>
<key>DisableWhiteboard</key>
<false/>
<key>EnableShareVideo</key>
<true/>
<key>EnableShareAudio</key>
<true/>
<key>FullScreenWhenJoin</key>
<false/>
<key>AutoHideToolbar</key>
<false/>
<key>ZUse720PByDefault</key>
<false/>
<key>zRemoteControllAllApp</key>
<true/>
<key>ConfirmWhenLeave</key>
<true/>
<key>DisableScreenShare</key>
<true/>
<key>SetSuppressBackgroundNoiseLevel</key>
<string>0</string>
</dict>
</dict>
Related
I am trying to add a CFBundleURLTypes entry to my entitlements in order to allow deep linking to my Electron app. This works when I do not use notarisation, however, I need my app notarised and the addition of CFBundleURLTypes is causing my app to crash immediately on opening it and reporting an Invalid Signature error, even though notarisation did not actually report a failure. Is there anything else needed to allow this, for example, an entry in the provisioning profile? So far I have not seen any evidence that my configuration is incorrect and according to my research, this should work as is
entitlements.mac.plist:
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.network.server</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.device.audio-input</key>
<true/>
<key>com.apple.security.device.camera</key>
<true/>
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleTypeRole</key>
<string>Editor</string>
<key>CFBundleURLName</key>
<string>my-protocol-name-here</string>
<key>CFBundleURLSchemes</key>
<array>
<string>my-protocol-name-here</string>
</array>
</dict>
</array>
</dict>
</plist>
I fixed the issue by adding the protocol inside electron-builder setup instead of adding directly in entitlements.mac.plist:
protocols: {
name: "foo",
schemes: ["foo"]
},
I have an app that runs WebGL to render video for Mac App (Electron). It works fine when running on local build. However it renders blank screen on MacOS app store bulid in Sandbox mode. Checked the frames passed to shader and it looks ok. What could be wrong in this case? Any permission do we need for Mac App store build?
info.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.application-identifier</key>
<string>xxxxx.desktop.xxxxx</string>
<key>com.apple.developer.team-identifier</key>
<string>xxxxx</string>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.application-groups</key>
<string>xxxxx.desktop.xxxxx</string>
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.network.server</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.device.camera</key>
<true/>
<key>com.apple.security.device.microphone</key>
<true/>
<key>com.apple.security.device.audio-input</key>
<true/>
<key>com.apple.security.device.usb</key>
<true/>
<key>com.apple.security.device.bluetooth</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.files.downloads.read-write</key>
<true/>
</dict>
</plist>
I have a housekeeping Fake build that I'd like to run every hour. My build runs fine from the CLI with fake run, but when I try to use it from launchd, it outputs "Error while parsing command line, usage is: etc."
My Housekeeping.plist looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>EnvironmentVariables</key>
<dict>
<key>DOTNET_CLI_HOME</key>
<string>/Users/larryobrien</string>
</dict>
<key>InitGroups</key>
<true/>
<key>Label</key>
<string>CheckDoing</string>
<key>ProgramArguments</key>
<array>
<string>/Users/larryobrien/.dotnet/tools/fake</string>
<string>run</string>
</array>
<key>StandardErrorPath</key>
<string>CheckDoing.err</string>
<key>StandardOutPath</key>
<string>CheckDoing.out</string>
<key>StartCalendarInterval</key>
<array>
<dict>
<key>Minute</key>
<integer>0</integer>
</dict>
</array>
<key>WorkingDirectory</key>
<string>/Users/larryobrien/src/Housekeeping</string>
</dict>
</plist>
Not sure if this is an SO question or a Superuser question, but since I think it boils down to a familiarity with Fake, I'm going to try it here.
Supposedly temporary exceptions can be configured via your app's Info.plist file.
Following other answers, I added this entry to the info.plist but it does not help (even worse, after I changed the xml file I get a permission error when I attempt to run the app on my iPhone but not on the simulator - but that is a different problem.)
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
From Project Navigator click your project's name.
Now, on the right side you' ll see the General Tab of your project.
Select the Info and in the Customs iOS Target Properties add a new type.
Name it as NSAppTransportSecurity, type as Dictionary.
Inside that add a new item and name it as NSAllowsArbitraryLoads, type as Boolean, value YES.
Hope that will solve your problems.
#SamHeather I tried to post this in Comments, but apparently too long.. This is white listing Facebook domains which is mandatory for the Facebook SDK integration. You can change these of course to fit your needs.
Currently whitelisted are: akamaidhd.net, facebook.com, and fbcdn.net.
You could change these like such for example:
<key>(your domain name) </key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
Facebook white listing below:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
<key>NSExceptionDomains</key>
<dict>
<key>akamaihd.net</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
<key>facebook.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
<key>fbcdn.net</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
</dict>
</dict>
I'm trying to use Launchctl to launch svnserve process but I keep getting an error saying "no plist was returned for:/Library/LaunchAgents/org.tigris.subversion.svnserve.plist". This is where svnserve is /opt/local/bin/svnserve and this is the plist file
Any thoughts what might be wrong here ?
<dict>
<key>Disabled</key>
<false/>
<key>Label</key>
<string>org.tigris.subversion.svnserve</string>
<key>ProgramArguments</key>
<array>
<string>/opt/local/bin/svnserve</string>
<string>--inetd</string>
<string>--root=/Users/Sunit/Repositories</string>
</array>
<key>ServiceDescription</key>
<string>SVN Version Control System/string>
<key>Sockets</key>
<dict>
<key>Listeners</key>
<array>
<dict>
<key>SockFamily</key>
<string>IPv4</string>
<key>SockServiceName</key>
<string>svn</string>
<key>SockType</key>
<string>stream</string>
</dict>
<dict>
<key>SockFamily</key>
<string>IPv6</string>
<key>SockServiceName</key>
<string>svn</string>
<key>SockType</key>
<string>stream</string>
</dict>
</array>
</dict>
That file is not valid XML - you don't close the <string> tag on line 13 correctly, and you never close the outermost <dict> tag.
You can use plutil -lint to check a property list's validity, or simply use Property List Editor, Xcode or a third-party property list editor to construct the property list graphically.