Your comments
Alex
Again, i posted this as a warning for Enterprise/Business people to NOT upgrade to Catalina yet, this is not something within ConnectWise's control and there is nothing for them to fix.
There is a simple Tickbox within Catalina to fix this issue, so Connectwise's software works just fine and as intended, this is a simple addition/extension to the "sandboxing" of any non Apple application that was introduced in Mojave, and like that introduction in Mojave, this one in Catalina was also not announced or documented, it simply appeared without warning in one of the last Beta's before final release, giving Administrators no time to react and no tools or information to react with.
The issue here is that the only Administrative or Enterprise mechanism available to push this setting out to MAC's en-masse has not been documented yet BY APPLE so we are unlikely to have the information on how to create config profiles to do this until after launch.
Bear in mind that the documentation for the Mojave changes came very late, and the only Apple Supplied tool to create proper config files these days (Apple Configurator) still hasnt been updated to deal with the Mojave additions.
I posted this as an FYI and warning, it's not connectwise's fault.
Be fair Howie, this security change was unannounced and only appeared in Catalina Beta 6 and that was only released 10 days ago, there is no remote control software on the market that is ready for this yet and I'd imagine 3rd party dock vendors are going nuts to get this fixed for release as well.
Naturally Apple docks and Apples own ARD are exempt from this, for all the good ARD does when devices are out of the office.
these unannounced features trip up everyone on every release, I'm sure Apple do it to nudge people into sticking to all Apple peripherals etc
This update will break many things, and while there is a manual fix, Apple has provided no documentation on how to automate this for enterprises.
BTW if the manual route is ok for you, simply go to the PPPC system preference and tick screen connect or your dock app in the Screen Recording section.
Bad news people, this is now Broken again in Catalina, so upgrade with Caution.
There is a new "Screen Recording" Section in PPPC now that ScreenConnect needs to also be added to, but there is no tool or guidance on how to create a Profile to do it at present.
The addition of this Section also breaks 3rd Party Docks by the way, so if you have one, manually add your Dock software to the new section, or hold off the upgrade until any tools are updated to suit.
FYI for those that need it, here are the settings i use to allow the TCC/PPPC to work.
The Client ID does not seem to be an issue, so this should work for anyone on the new version.
I do mine in JAMF
APP
Identifier
com.screenconnect.client.access
Bundle ID
Code Requirement
identifier "com.screenconnect.client.access" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = K8M3XDZV9Y
APP or Service
Accessibility
AppleEvents
Reciever Identifier
com.apple.systemevents
Bundle ID
Reciever Code Requirements
identifier "com.apple.systemevents" and anchor apple
Have a Free Cloud account that is seemingly on that version now, have tested with that and created a Config Profile to deal with the TCC issue.
Seems to work.
Will re-test when This release goes stable and we have updated our live install
Does this version include the signing fix? Do we have an idea what day it will be made stable ?
Brandon
The latest stable version of 6.9 came out a few days after you made this post and the change was not there, I assume the code was already "Locked" by that time.
When will the next stable version of 6.9 with this fix in it be available ? Or a Pre-Release of 7 ?
We are getting masses of flack from our user base because we wont allow them to have Mojave until this is fixed and we can control their machines properly.
The next Stable release of 6.9 after you made this post came and went without any change to the situation, I suspect the code for that release was locked already.
Do you have an eta for the NEXT 6.9 stable that will have this in, or pre-release of 7 ?
This is critical for us and we are getting a lot of backlash denying upgrade to Mojave while we wait for this, i'd love to get this tested ASAP.
Thanks
Customer support service by UserEcho
OK, even worse news.
Finally got my hands on some apple documentation.
https://developer.apple.com/documentation/devicemanagement/privacypreferencespolicycontrol/services
Sadly it seems the "Feature" actually dubbed "Screen Capture" at the backend, cannot be allowed by policy, you can only deny apps, even though everything is seemingly denied by default. So unless a U Turn is in the works, we can basically upgrade no further than Mojave.
Way to go Apple, will hopefully be the final nail we need to abandon MAC's entirely as the overpriced, overrated, and despite Apple's continued assurances and continued broken promises most definitely NOT Enterprise class products.