macOS 10.14 Mojave で Workspace ONE Intelligent Hub をホワイトリストに指定するためのカスタム XML – AirWatch Support

概要

Apple 社は macOS 10.14 Mojave (モハベ) でユーザーデータのプライバシーを保護するための機能強化を導入しました。このセキュリティ強化の結果、アプリやプロセスが特定の機能を利用しようとすると、ユーザーに許可を求めるダイアログが表示されるようになりました。ユーザー操作を阻害することなく Intelligent Hub がこれまでどおり機能できるようにするには、ユーザーによって承認された MDM 加入の macOS 10.14 デバイスに対してのみ、ホワイトリストプロファイルをインストールするという方法もあります。
注：このプロファイルはデバイスの OS をアップグレードした後にインストールしてください。アップグレード前にインストールしても、設定は適用されません。アップグレード後のデバイスに自動的にインストールされるよう、macOS 10.14 デバイスを対象とする新しいスマートグループを作成して、このプロファイルを割り当てることを推奨します。
すべてのカスタムプロファイルに当てはまることですが、他のプロファイルとの競合が生じることがないよう、展開の前にプロファイルのペイロード UUID (PayloadUUID) を固有の値に変更してください。
Intelligent Hub (以前の AirWatch Agent) 19.07 がリリース済みの最新バージョンです。macOS 10.14 用の下記のプロファイルは、このバージョンに対応しています。Intelligent Hub の将来のバージョンでこのプロファイルを変更する必要が生じた場合は、その都度お知らせします。また、Workspace ONE UEM 1907 リリースにはこのプロファイルが事前に組み込まれており、macOS 10.14 デバイスに自動的にインストールされます。この UEM バージョン以降を利用している場合は、お客様が各自に作成する必要はありません。
macOS 10.14 で Intelligent Hub の全機能をホワイトリストに指定する方法

macOS 10.14 で Intelligent Hub の全機能をホワイトリストに指定するための XML を以下に示します。この XML の全体をデバイスプロファイルの [カスタム設定] ペイロードに貼り付け、すでに macOS 10.14 がインストールされているすべてのデバイスに展開してください。
<dict>
    <key>Services</key>
    <dict>
        <key>SystemPolicySysAdminFiles</key>
        <array>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent to access files used in system administration</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.hub.mac" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>Identifier</key>
                <string>com.vmware.hub.mac</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow Workspace ONE Intelligent Hub to access files used in system administration</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier airwatchd and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/airwatchd</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow airwatchd to access files used in system administration</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.uem.hubd" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/hubd</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow hubd to access files used in system administration</string>
            </dict>
        </array>
        <key>SystemPolicyAllFiles</key>
        <array>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent to access all protected files</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.hub.mac" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>Identifier</key>
                <string>com.vmware.hub.mac</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow Workspace ONE Intelligent Hub to access all protected files</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier airwatchd and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/airwatchd</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow airwatchd to access all protected files</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.uem.hubd" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/hubd</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow hubd to access all protected files</string>
            </dict>
        </array>
        <key>Accessibility</key>
        <array>
             <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier airwatchd and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/airwatchd</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow airwatchd in Accessibility</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.hub.mac" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>Identifier</key>
                <string>com.vmware.hub.mac</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow Workspace ONE Intelligent Hub in Accessibility</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent in Accessibility</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.uem.hubd" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/hubd</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow hubd in Accessibility</string>
            </dict>
        </array>
        <key>PostEvent</key>
        <array>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier airwatchd and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/airwatchd</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow airwatchd to send PostEvents</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.uem.hubd" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/hubd</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow hubd to send PostEvents</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent to send PostEvents</string>
            </dict>
            <dict>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.hub.mac" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>Identifier</key>
                <string>com.vmware.hub.mac</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow Workspace ONE Intelligent Hub to send PostEvents</string>
            </dict>
        </array>
        <key>AppleEvents</key>
        <array>
            <dict>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.finder</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.finder" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent to send AppleEvents to Finder.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.systempreferences</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.systempreferences" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent to send AppleEvents to System Preferences.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.systemevents</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.systemevents" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent to send AppleEvents to System Events.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.mail</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.mail" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent to send AppleEvents to Mail.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>com.airwatch.mac.agent</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.airwatch.mac.agent" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.microsoft.Outlook</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.microsoft.Outlook" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow VMware AirWatch Agent to send AppleEvents to Microsoft Outlook.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>com.vmware.hub.mac</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.hub.mac" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.microsoft.Outlook</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.microsoft.Outlook" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow Workspace ONE Intelligent Hub to send AppleEvents to Microsoft Outlook.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>com.vmware.hub.mac</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.hub.mac" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.finder</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.finder" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow Workspace ONE Intelligent Hub to send AppleEvents to Finder.app</string>
            </dict>
              <dict>
                <key>Identifier</key>
                <string>com.vmware.hub.mac</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.hub.mac" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.systempreferences</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.systempreferences" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow Workspace ONE Intelligent Hub to send AppleEvents to System Preferences.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>com.vmware.hub.mac</string>
                <key>IdentifierType</key>
                <string>bundleID</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.hub.mac" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.systemevents</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.systemevents" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow Workspace ONE Intelligent Hub to send AppleEvents to System Events.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/airwatchd</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier airwatchd and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.finder</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.finder" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow airwatchd to send AppleEvents to Finder.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/airwatchd</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier airwatchd and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.microsoft.Outlook</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.microsoft.Outlook" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow airwatchd to send AppleEvents to Microsoft Outlook.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/airwatchd</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier airwatchd and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.systemevents</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.systemevents" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow airwatchd to send AppleEvents to System Events.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/hubd</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.uem.hubd" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.finder</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.finder" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow hubd to send AppleEvents to Finder.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/hubd</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.uem.hubd" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.apple.systemevents</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.apple.systemevents" and anchor apple</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow hubd to send AppleEvents to System Events.app</string>
            </dict>
            <dict>
                <key>Identifier</key>
                <string>/Library/Application Support/AirWatch/hubd</string>
                <key>IdentifierType</key>
                <string>path</string>
                <key>CodeRequirement</key>
                <string>anchor apple generic and identifier "com.vmware.uem.hubd" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = S2ZMFGQM93)</string>
                <key>AEReceiverIdentifier</key>
                <string>com.microsoft.Outlook</string>
                <key>AEReceiverIdentifierType</key>
                <string>bundleID</string>
                <key>AEReceiverCodeRequirement</key>
                <string>identifier "com.microsoft.Outlook" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9</string>
                <key>Allowed</key>
                <true/>
                <key>Comment</key>
                <string>Allow hubd to send AppleEvents to Microsoft Outlook.app</string>
            </dict>
        </array>
    </dict>
    <key>PayloadDescription</key>
    <string>Privacy Preferences for Intelligent Hub</string>
    <key>PayloadDisplayName</key>
    <string>Privacy Preferences for Intelligent Hub</string>
    <key>PayloadIdentifier</key>
    <string>com.vmware.mdm.tcc.IntelligentHub1907</string>
    <key>PayloadOrganization</key>
    <string>VMware</string>
    <key>PayloadType</key>
    <string>com.apple.TCC.configuration-profile-policy</string>
    <key>PayloadUUID</key>
    <string>0D4540F5-35EC-45B8-9F11-46F6CA7723FC</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
</dict>
Other Languages: English
免責事項：これは英文の記事「Custom XML to Whitelist Workspace ONE Intelligent Hub for macOS 10.14 Mojave」の日本語訳です。記事はベストエフォートで翻訳を進めているため、ローカライズ化コンテンツは最新情報ではない可能性があります。最新情報は英語版の記事で参照してください。
3 Comments

Date Votes
0

Workspace ONE Support JP October 31, 2018 04:09

記事を更新しました - 2018-10-31 04:09 UTC

Comment actions Permalink
0

Workspace ONE Support JP April 24, 2019 11:00

記事を更新しました - 2019-04-24 11:01 UTC

Comment actions Permalink
0

Workspace ONE Support JP August 07, 2019 01:48

記事を更新しました - 2019-08-07 01:49 UTC

Comment actions Permalink
Article is closed for comments.