To install Sophos Endpoint on MacOS, it requires adding Sophos Files to Full Disc Access.
I have a beginning script to open Security Preferences, go to Security & Privacy, go to the Privacy tab, Unlock, and the ability to put a check in existing applications in Full Disk Access. I however am stuck in "adding an application" where i can add the application to the existing list.
I would need to pull from /Library/ and from /Applications/Sophos/
The script I have gets me into Privacy\Full Disk Access and unlocked, but I can't get it to click the "Add an application".
Related
We just virtualized a Windows server in Azure and everything in working fine on Client side, but we are not being able to solve the indexing search problem.
When you have a local drive, Windows can index the path and searches works fine using Windows menu/search box in task bar. But for shared drives it seems to fail.
In Windows Explorer the search pretends to work, but it takes forever to find a file or folder. And sometimes it just won't move anywhere. So it is not an option for users since them are used to search using menu bar.
We have tried to change drive properties in Right button to Shared Driver > "Allow files on this drive to have contents indexed in addition to file properties, but it was already enabled.
When we try to disable it, it prompts an error saying that the user doesn't have permission to do it, but it does anyway. And when we try to re-enable, the message prompts again, but it is enabled with no problem at all. But once again, nothing changes and Initial Menu Search just won't work.
Does anyone knows if there is a solution for that?
For me it seems to be an server setup since I see that permission error, but, as far as I know, if the shared driver is already mounted, I can't see a reason why Windows can't index it.
Ps.1: In the shared drive security tab, the System has full permissions.
Ps.2: If there is a solution for this, is that possible to solve it on the Windows server Side so we won't need to access client by client to change it manually?
enter image description here
Please check the following setting and see.
1.First thing is to check network location is being indexed. open File Explorer right-click on the mapped network drive that you need to index, then select the Properties and Make sure that, the Allow Files on this Drive to Have Contents Indexed checkbox is selected.
You have already done this step
2.try to check the search options for network drive in file explorer, go to view tab>>click on Options Icon and choose the change folder and search option menu it will open the folder options dialog box and select search tab and make sure first option is not selected
3.check server side Indexing
4.we need to make sure search service needs to be running.
Open services.msc check for the wndows search service and try to restart the service.
5.Go to Settings on the Windows 10 desktop, then click on Search, followed by Searching Windows scroll down and try to run the indexer troubleshooter
Reference https://learn.microsoft.com/en-us/troubleshoot/windows-client/shell-experience/fix-problems-in-windows-search
I am building an app in Xcode that uses Core Location. On first run the app asks the user for permission. I want to revoke this permission to trigger the flow anew.
I cannot find my app in the list of apps under Settings / Location Services.
It's odd that your app isn't in Security & Privacy->Location Services. I don't have an answer to that.
If you do uncheck the permission in that pane, though, you won't start the flow anew. Instead you'll be simulating a rejection of permission (user denied the permission request).
The tccutil command line program ought to be able to manipulate those settings. But I tried tccutil reset All on my machine and it didn't affect Location privacy.
It looks like the property list at /var/db/locationd/clients.plist has the authorized applications. So you might be able to edit that file with the plutil command line tool to remove your application. Or just make a copy, edit with Xcode to remove your application, and swap in that copy for testing.
sudo bash
plutil -p /var/db/locationd/clients.plist
Im trying to allow another computer in the same network so acces a server I have local on my computer.
As far as I know, this should be administrated in Componentservices (accesing it by running dcomcnfg.exe). I then rightclick on My Computer and click on the Properties option. Then i click on the tab called Standardproperties and then I check "Activate distributed COM on this computer".
Then I go to COM-safety and click on EDIT. But Distrubuted COM is not in that list for me to administer.
What am I missing?
My (sandboxed) OSX application is trying to launch biber (a bibliography tool for LaTeX). However it fails to launch and I get the following message saying that the application has marked biber as quarantined in Console.App.
25/03/2013 16:44:15.000 kernel[0]: exec of /private/var/folders/s1/70f5my9n6wq0_kk7bcxjslhh0000gn/T/com.abc.XYZ/par-64756e63616e737465656c65/cache-ef42c8d5d44e40bdd24828b0ae70de275e379c88/biber denied since it was quarantined by XYZ and not approved by Gatekeeper, qtn-flags was 0x00000002
This does not happen with any of the other binaries invoked by the application.
This application has an active SSB for the whole harddrive so there are no issues launching, or accessing, external files.
Why and how am I marking that file as quarantined, and how to I remove the quarantine so that it can execute? Thanks for your help.
EDIT If it helps, the contents of that directory are
biber
libperl.dylib
running ls -l#eOd shows them both to have the attribute com.apple.quarantine, however I'm not sure what copied them into that directory, or how they gained that flag. The original copies are not quarantined.
Looks like this 'biber' is not an application download from Mac App Store or identified developers (with Apple Developer ID). So you must manually allow its launch.
Usually there are three ways to do this:
Right click on application and click "Open" from the context menu. There will be a warning, just click "Open". OSX will remember your choice and next time it will open.
You can change Gatekeeper's settings: "System Preferences" -> "Security & Privacy" -> "General" tab. Unlock to make changes. Choose "Anywhere" in the "Allow applications downloaded from" section. Note: it decreases security and there will be a warning about it with the proposal to use first solution.
Remove 'quarantine attribute' from the app. In terminal run command: xattr -d com.apple.quarantine <your_app>
I prefer the last solution. All solutions are for the applications, but I think will also work for the utility.
I installed my application in Windows 7 and as part of the installation, it installs some text files. Now, if I open the text file in notepad and try to save it, I get an "Access denied" error. I'm logged in as administrator on the machine and the file is not marked read only and security permissions seem to be fine.
However, I could delete or rename the file without any problem and I could create a new file with the same name/location using notepad and the save works fine.
I understand it has something to do with UAC. I'm wondering what UAC does in order to block access to the file. Our application is not installed in Program files folder as I believe UAC restrict any changes to files in Program Files folder
Can anyone throw light on what is going on.
regards
G
With UAC, just because you're logged in as a user with administrator privileges does not mean a program actually runs with them. The program has to either request privilege elevation (which gives the "Do you want to allow this program to _____" UAC pop-up) or explicitly be run as administrator (right-click on the program/shortcut and choose Run as Administrator).
By default most areas of the drive outside of the standard "user files" (a.k.a. My Documents & co.) are restricted to administrator-only access, but the folder permissions can be changed to add access for a particular user if desired.
You will find that saving files almost anywhere except the "my documents" area for the user will be restricted, this includes saving to other drives on the system etc.
If you check the permissions for the directory you are trying to write to, all you have to do is expressely give the user permission. Otherwise only the admins have permission, which requires UAC approval from the user to get the admin token.
You normally get "Access Denied" error when the file is in use. UAC could not be an issue here. Check out if the file is in use by anyother process.
You can use tools like Process Explorer from sysinternals to do that.
You have to right click the file and select properties. THen open the security tab and you can see different accounts with differet privelages. Click USERS and it should highlight. The box under it should have a bunch of check marks that indicate what this user can do. Click Full Control. Apply and Okay. Then you can save!!!