Best Practices: Manage Privilege Manager Notifications on macOS

As of macOS Catalina, Apple provided the ability to manage notification settings in macOS by using Configuration Profiles. The benefit of managing this setting is that you as the administrator have complete control over the desired state of that configuration on the endpoint. You want the user to be able to see the notifications that Privilege Manager sends out. If the setting is not managed the user may miss something important, if they previously clicked Don't Allow.

manage notifications

The example Manage Notifications XML snippet provided can be used and is based on the following property values. Depending on your chosen MDM provider, the example snippet might need editing.

  • AlertType : 1 (Temporary Banner)
  • BadgesEnabled : true (Enables the badge to be displayed for Privilege Manager)
  • BundleIdentifier : com.thycotic.privilegemanagergui
  • CriticalAlertEnabled : true (Enables critical alerts that can ignore the Do Not Disturb feature)
  • ShowInLockScreen : false (For privacy concerns it is recommended to not show in lock screen)
  • ShowInNotificationCenter : true (Enables notifications in the notification center for this app)
  • SoundsEnabled : true (enables sounds for this app)

Manage Notifications XML

Copy 
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.
com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>PayloadContent</key>
        <array>
            <dict>
                <key>NotificationSettings</key>
                <array>
                    <dict>
                        <key>AlertType</key>
                        <integer>1</integer>
                        <key>BadgesEnabled</key>
                        <true/>
                        <key>BundleIdentifier</key>
                        <string>com.thycotic.privilegemanagergui</string>
                        <key>CriticalAlertEnabled</key>
                        <true/>
                        <key>NotificationsEnabled</key>
                        <true/>
                        <key>ShowInLockScreen</key>
                        <false/>
                        <key>ShowInNotificationCenter</key>
                        <true/>
                        <key>SoundsEnabled</key>
                        <true/>
                    </dict>
                </array>
                <key>PayloadDisplayName</key>
                <string>Notifications</string>
                <key>PayloadIdentifier</key>
                <string>8BC5EB47-8E9B-4CCB-BFB8-7ED346060748.com.apple.notificationsettings.510D70CC-A4DE-42FB-B327-CAA358740DF7</string>
                <key>PayloadOrganization</key>
                <string></string>
                <key>PayloadType</key>
                <string>com.apple.notificationsettings</string>
                <key>PayloadUUID</key>
                <string>510D70CC-A4DE-42FB-B327-CAA358740DF7</string>
                <key>PayloadVersion</key>
                <integer>1</integer>
            </dict>
        </array>
        <key>PayloadDisplayName</key>
        <string>Approve Privman Notifications</string>
        <key>PayloadIdentifier</key>
        <string>com.thycotic.com.8BC5EB47-8E9B-4CCB-BFB8-7ED346060748</string>
        <key>PayloadOrganization</key>
        <string>Thycotic</string>
        <key>PayloadScope</key>
        <string>System</string>
        <key>PayloadType</key>
        <string>Configuration</string>
        <key>PayloadUUID</key>
        <string>8BC5EB47-8E9B-4CCB-BFB8-7ED346060748</string>
        <key>PayloadVersion</key>
        <integer>1</integer>
    </dict>
</plist>