Template Profiles
Basic Template Profile
This template profile is designed for running Elevate24 in Basic mode. It includes options to configure settings such as reasons, Sessiontime, and demote behaviour. However, many of these settings are for template purposes and should be adjusted to match your environment.
Temporary Account Template Profile
This template profile is designed for running Elevate24 intemporary account mode available to premium customers only. It includes options to configure settings such as reasons, Sessiontime, demote behaviour and configuration for temporary secondary account. However, many of these settings are for template purposes and should be adjusted to match your environment.
Monitoring Template Profile
This template profile is designed for Elevate24 monitoring available to premium customers only. This profile icludes options for EventsToLog and filterRules which will log data into the Jigsaw24 Portal. However, many of these settings are for template purposes and should be adjusted to match your environment.
Privacy Preferences Policy Control Profile 2.3+
This profile is crucial for premium customers who use monitoring. It enables the agent to collect elevated behaviour and events.
| Identifier | Type | Code Requirement |
|---|---|---|
| com.jigsaw24.Elevate24Extension | Full Disk Access | anchor apple generic and identifier "com.jigsaw24.Elevate24Extension" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists / or certificate 1[field.1.2.840.113635.100.6.2.6] / exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = "563MYW3H73") |
Privacy Preferences Policy Control Profile Profile 2.1.0 - 2.2.8
This profile is crucial for premium customers who use monitoring. It enables the agent to collect elevated behaviour and events.
| Identifier | Type | Code Requirement |
|---|---|---|
| com.jigsaw24.Elevate24SecurityExtension | Full Disk Access | anchor apple generic and identifier "com.jigsaw24.Elevate24SecurityExtension" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists / or certificate 1[field.1.2.840.113635.100.6.2.6] / exists / and certificate leaf[field.1.2.840.113635.100.6.1.13] / exists */ and certificate leaf[subject.OU] = "563MYW3H73") |
System Extension
This profile is required to approve the system extension on the user’s behalf. This is important if you have set the UseSystemExtension key to true.
IMPORTANT
Its important to add NonRemovableSystemExtensions to prevent the users removing the system extension protection when elevated to administrator.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>AllowUserOverrides</key>
<true/>
<key>AllowedTeamIdentifiers</key>
<array>
<string>563MYW3H73</string>
</array>
<key>NonRemovableSystemExtensions</key>
<dict>
<key>563MYW3H73</key>
<array>
<string>com.jigsaw24.Elevate24Extension</string>
</array>
</dict>
</dict>
</plist>Managed Login Item
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Rules</key>
<array>
<dict>
<key>RuleType</key>
<string>TeamIdentifier</string>
<key>RuleValue</key>
<string>Elevate24</string>
<key>TeamIdentifier</key>
<string>563MYW3H73</string>
</dict>
</array>
</dict>
</plist>