MacOS devices require additional Security & Privacy settings to grant the JumpCloud Remote Assist software permissions to provide remote access and enable the Remote File Manager feature. Whether your device is enrolled in JumpCloud MDM, non-JumpCloud MDM, or no MDM at all, you might need to manually grant the Remote Assist app permission to use either Screen Recording, or both Accessibility and Screen Recording, and Full Disk Access for Remote Assist to support the Remote File Manager.
Overview
To run JumpCloud Remote Assist on macOS devices, you must grant the app permissions in System Settings > Privacy & Security. Depending on your OS version and MDM type, you need to enable permissions for Screen Recording, Accessibility, or both.
Considerations
- If your macOS devices are not enrolled in any MDM, users will need to grant the Accessibility and Screen Recording permissions manually.
- For instructions, see Granting Permissions for a Device Not Enrolled in MDM .
- If your macOS device is enrolled with JumpCloud’s MDM and running 11.x (Big Sur) or newer, the JumpCloud agent automatically grants Accessibility permissions for the Remote Assist agent as part of the PPPC policy push.
- The user is still required to grant Screen Recording permissions, but doesn’t need special Admin privileges to do so.
- If your device is enrolled with JumpCloud MDM, the policy to support the Remote File Manager is applied automatically.
- For third party MDMs, you’ll need to either manually grant the JumpCloud Remote Assist agent permissions, or download the custom preconfigured profile for use with your MDM to grant the appropriate permissions to our software.
- For instructions, see Granting Permissions for a Non-JumpCloud MDM.
Limitations
- The Remote Assist Agent does not currently support video streaming from HDR-enabled displays. To effectively use the Remote Assist service, disable HDR video streaming on your device. Remote Assist has HDR disabled by default.
Granting Permissions for Users Enrolled in JumpCloud MDM
To grant permissions for a macOS device enrolled with JumpCloud MDM:
- Click the Apple menu at the top of the screen.
- Go to System Settings > Privacy & Security > Screen Recording.
- Toggle the JumpCloud Remote Assist app to enable screen recording permissions.
- For macOS devices running Big Sur and Monterey, you do not need to enter your password or grant Accessibility permissions.
- For JumpCloud-enrolled devices, the agent automatically enables Full Disk access for Remote Assist to support the Remote File Manager. This policy to support the RFM is enabled in the backend, so it will still work even though it will not appear in the Full Disk Access folder.
Granting Permissions for a Non-JumpCloud MDM
A custom profile is required for non-JumpCloud MDMs. To grant permissions for a non-JumpCloud MDM:
- Download the custom Privacy Preferences Policy Control (PPPC) file attached to this article.
- See the attached
PPPC-JumpCloud-Agent-Permissions-1-1.mobileconfig
file. - The PPPC profile automatically supports the Remote File Manager feature. The permission to use the RFM is enabled after the policy is deployed.
- Follow the instructions from your MDM to install this custom profile.
- Complete the steps in Granting Permissions for a JumpCloud MDM .
Granting Permissions for Users Not Manually Enrolled in MDM
If your macOS device meets the following conditions, the user must manually grant the Accessibility and Screen Recording permissions:
- macOS device is running Big Sur or Monterey, but not enrolled in JumpCloud MDM.
- macOS device is enrolled in a non-JumpCloud MDM, but not using the PPPC policy attached to this article.
- A user must have admin privileges to grant Accessibility permissions.
- If a user’s device is running Big Sur or later, admin privileges are also required to grant Screen Recording permissions.
To grant permissions for a device not manually enrolled in MDM:
- Click the Apple menu at the top of the screen.
- Go to System Settings > Privacy & Security > Accessibility.
- Toggle the JumpCloud Remote Assist app to enable accessibility permissions.
If JumpCloud Remote Assist doesn’t show up in the list of available apps, click the + icon and select it from the Applications folder.
- Go to System Settings > Privacy & Security > Screen Recording.
- Toggle the JumpCloud Remote Assist app to enable screen recording permissions.
- To enable permissions for the Remote File Manager feature, go to System Settings > Privacy & Security > Full Disk Access.
- Click the + icon and add JumpCloud Remote Assist from the Application directory.
- Toggle the JumpCloud Remote Assist app to enable full disk access.