Due to increased security for Mac OS 10.14 Mojave, users are prompted to authorize the Zoom Rooms app to use the microphone and camera when it is first installed. If you are using MDM to deploy and manage Zoom Rooms, you can bypass this prompt by deploying an MDM profile with a certain configuration to the Zoom Room device.
This article covers:
- OS 10.14 Mojave
- Zoom Room license
- MDM service
Configuring the MDM profile
You can add access authorization to a profile with Privacy Service Dictionary Keys, but access to the system's camera and microphone can only be denied. Configuring the "SystemPolicyAllFiles" key, on the other hand, will allow the Zoom Room application to access all protected files and the camera/microphone.
- Open your MDM service and create a custom profile.
- View the .plist file attached at the bottom of this page to see an example of the XML needed for the profile.
- Deliver the device profile via your MDM server.
- Check to see if your profile has been successfully delivered by navigating to System Preferences then selecting Profiles on the Mac device.
Configuring with AirWatch
- Open AirWatch, select the Profiles section, and click ADD.
- Click Add Profile and select "macOS" - "Device Profile" for the platform.
- Input the required information on the next page, then click Privacy Preferences.
- On the next page, input the following values into the fields shown below:
- Identifier = us.zoom.ZoomPresence
- Identifier Type = BUNDLE ID
- Code Requirement = identifier "us.zoom.ZoomPresence" and anchor apple generic
- System Policy All Files = Allow
- Accessibility = Allow (select to allow the Zoom Room app to dismiss screensavers on macOS 10.14)
- Save the page and publish your work. If assignment type is set to Optional, navigate to the device detail page and install the profile manually, otherwise it will be installed automatically.