Using MDM for Zoom Rooms with macOS Mojave
The Zoom Rooms app must be authorized to access the microphone and camera upon initial installation on Mac OS 10.14 Mojave due to increased security. The Zoom Room device can be managed and provisioned using MDM by provisioning an MDM profile with a specific configuration.
This article covers:
- How to configure the MDM profile for Zoom Rooms with macOS Mojave
- How to configure AirWatch for Zoom Rooms with macOS Mojave
Requirements for using MDM for Zoom Rooms with macOS 10.14 Mojave
- Operating system 10.14 Mojave
- Zoom Room License
- MDM service
How to configure the MDM profile for Zoom Rooms with macOS Mojave
Privacy Service Dictionary Keys allow you to authorize access to profiles, but not to the system’s camera and microphone. Zoom Room, on the other hand, can access all protected files, including the camera and microphone, if the SystemPolicyAllFiles key is configured.
- A custom profile can be created by opening your MDM service.
- See the attached .plist file for an example of the XML required for the profile.
- By using the MDM server, you can deploy the device profile.
- Select Profiles in System Preferences on the Mac device to verify that your profile was submitted successfully.
How to configure AirWatch for Zoom Rooms with macOS Mojave
- Adding a profile is as simple as opening AirWatch, selecting the Profiles section, and clicking ADD.
- Select “MacOS” – “Device Profile” as platform and click Add Profile.
- The next page will ask you for the required information, then you can click Privacy Settings.
- On the next page you need to fill in the following fields with the following information:
- Identifier = us.zoom.ZoomPresence
- ID type = BUNDLE ID
- Code Requirement = A generic identifier named “us.zoom.ZoomPresence” and an anchor named “us.zoom”.
- System Policy All Files = Allow
- Accessibility = Screensavers can be closed by the Zoom Room app on macOS 11.4 if allowed (check box).
- Publish your work after saving the page. The profile must be installed manually if the assignment type is set to Optional, otherwise it will be installed automatically.
