Using MDM for Zoom Rooms with macOS Mojave
The Zoom Rooms app must be authorized to access the microphone and camera when first installed on Mac OS 10.14 Mojave due to increased security. The Zoom Room device can be managed and deployed using MDM by deploying an MDM profile with a specific configuration.
This article covers:
- How to configure the MDM profile for Zoom Rooms with macOS Mojave
- How to configure AirWatch for Zoom Rooms with macOS Mojave
Contents
Prerequisites for using MDM for Zoom Rooms with macOS 10.14 Mojave
- OS 10.14 Mojave
- Zoom Room license
- MDM service
How to configure the MDM profile for Zoom Rooms with macOS Mojave
With Privacy Service Dictionary Keys, you can authorize access to profiles, but not to the system’s camera and microphone. Zoom Room, on the other hand, will be able to access all protected files, including a camera and microphone, if the “SystemPolicyAllFiles” key is configured.
- A custom profile can be created by opening your MDM service.
- An example of the XML required for the profile can be found in the attached .plist file.
- By using the MDM server, you can deliver the device profile.
- Select Profiles in System Preferences on the Mac device to check if your profile was successfully delivered.
How to configure AirWatch for Zoom Rooms with macOS Mojave
- Adding a profile is as simple as opening AirWatch, selecting the Profiles section, and clicking ADD.
- Choose “MacOS” – “Device Profile” as the platform and click Add Profile.
- The next page will ask for the required information, then you can click Privacy Preferences.
- The next page requires you to fill out the fields below with the following information:
- Identifier = us.zoom.ZoomPresence
- Identifier Type = BUNDLE ID
- Code Requirement = A generic identifier called “us.zoom.ZoomPresence” and an anchor named “us.zoom.”
- System Policy All Files = Allow
- Accessibility = Screensavers can be dismissed by the Zoom Room app on macOS 11.4 when it is allowed (check the box).
- Publish your work after saving the page. The profile must be installed manually if the assignment type is set to Optional, otherwise it will be installed automatically.