diff --git a/macos/Privileges/com.jlaundry.privileges.mobileconfig b/macos/Privileges/com.jlaundry.privileges.mobileconfig index e2b74f5..7350236 100644 --- a/macos/Privileges/com.jlaundry.privileges.mobileconfig +++ b/macos/Privileges/com.jlaundry.privileges.mobileconfig @@ -14,65 +14,23 @@ <dict> <key>mcx_preference_settings</key> <dict> - <!-- - key: DockToggleMaxTimeout - value: a positive integer - - Set a maximum timeout for the Dock tile's "Toggle Privileges" command. This - generally works the same way as the "DockToggleTimeout" but allows the user - to choose every timeout value up to the one specified. So if the admin would - set "DockToggleMaxTimeout" to 20 minutes, the user may decide to set it to - a value below 20 instead of being forced to use the 20 minute timeout. With - regards to user experience we recommend to use "DockToggleMaxTimeout" instead - of "DockToggleTimeout". if "DockToggleMaxTimeout" and "DockToggleTimeout" - have been set, the fixed value of "DockToggleTimeout" takes precedence over - "DockToggleMaxTimeout". - --> - <key>DockToggleMaxTimeout</key> - <integer>15</integer> + <!-- see: https://github.com/SAP/macOS-enterprise-privileges/wiki/Managing-Privileges --> + <key>RevokePrivilegesAtLogin</key> + <true/> + <key>ExpirationIntervalMax</key> + <integer>60</integer> + + <key>RequireAuthentication</key> + <true/> + <key>AllowCLIBiometricAuthentication</key> + <true/> - <!-- - key: ReasonRequired - value: a boolean - - If set to true, the user must provide a reason for needing admin rights. - The reason will be logged. - --> <key>ReasonRequired</key> <true /> - <!-- - key: ReasonMinLength - value: a positive integer below 100 - - If "ReasonRequired" is set to true, this key specifies the minimum number - of characters the user has to enter as the reason for becoming an admin. - If not set, the value defaults to 10. The text field is limited to a - maximum of 100 characters, so values greater than 100 have no effect. - Please be aware that enabling this option, disables the "Toggle Privileges" - entry in the Privileges Dock tile menu. - --> <key>ReasonMinLength</key> <integer>8</integer> - <!-- - key: ReasonMaxLength - value: a positive integer below 100 - - If "ReasonRequired" is set to true, this key specifies the maximum number - of characters the user can enter as the reason for becoming an admin. - If not set, the value defaults to 100. If a value > 100 is specified or - if "ReasonMaxLength" is <= "ReasonMinLength", the value is set to default. - --> <key>ReasonMaxLength</key> <integer>40</integer> - <!-- - key: ReasonPresetList - value: an array of strings - - If "ReasonRequired" is set to true, this key allows to pre-define a list - of possible reasons (for becoming an admin) the user can choose from. If - set, an additional pop-up menu will appear in the dialog box. This only - works for the GUI version of Privileges. - --> <key>ReasonPresetList</key> <array> <dict> @@ -108,8 +66,66 @@ <key>PayloadUUID</key> <string>8436814F-858D-4875-8552-4263D70478E2</string> <key>PayloadVersion</key> + <integer>2</integer> + </dict> + <dict> + <key>NotificationSettings</key> + <array> + <dict> + <key>AlertType</key> + <integer>1</integer> + <key>BadgesEnabled</key> + <false/> + <key>BundleIdentifier</key> + <string>corp.sap.privileges.agent</string> + <key>NotificationsEnabled</key> + <true/> + <key>ShowInLockScreen</key> + <false/> + <key>ShowInNotificationCenter</key> + <false/> + <key>SoundsEnabled</key> + <false/> + </dict> + </array> + <key>PayloadDisplayName</key> + <string>Privileges Notifications Payload</string> + <key>PayloadIdentifier</key> + <string>com.apple.notificationsettings.82F3A882-88ED-4B92-8A03-332A9874FDD0</string> + <key>PayloadOrganization</key> + <string>SAP SE</string> + <key>PayloadType</key> + <string>com.apple.notificationsettings</string> + <key>PayloadUUID</key> + <string>82F3A882-88ED-4B92-8A03-332A9874FDD0</string> + <key>PayloadVersion</key> <integer>1</integer> </dict> + <dict> + <key>PayloadDisplayName</key> + <string>Privileges Service Management Payload</string> + <key>PayloadIdentifier</key> + <string>com.apple.servicemanagement.AD895F7A-40F5-454A-B70F-6AA00C3738CF</string> + <key>PayloadOrganization</key> + <string>SAP SE</string> + <key>PayloadType</key> + <string>com.apple.servicemanagement</string> + <key>PayloadUUID</key> + <string>AD895F7A-40F5-454A-B70F-6AA00C3738CF</string> + <key>PayloadVersion</key> + <integer>1</integer> + <key>Rules</key> + <array> + <dict> + <key>Comment</key> + <string>Approves Privileges and its components</string> + <key>RuleType</key> + <string>TeamIdentifier</string> + <key>RuleValue</key> + <string>7R5ZEU67FQ</string> + </dict> + </array> + </dict> </array> <key>PayloadDescription</key> <string>Configures the Privileges app</string> @@ -130,6 +146,6 @@ <key>PayloadUUID</key> <string>C2F39834-001F-4930-AC7D-E5BA0DE82529</string> <key>PayloadVersion</key> - <integer>1</integer> + <integer>4</integer> </dict> </plist> \ No newline at end of file