Apple introduced in macOS Big Sur changes to who can control their Privacy Preferences Policy Control Settings (PPPC). As of macOS Big Sur, Standard Users are no longer able to approve applications requesting access to Screen Recording or Listen Events.
In order to allow Standard Users to approve these controls without converting the account to an Admin User, a PPPC MDM Configuration needs to be applied to macOS 11 Big Sur devices to allow Standard User Approval.
Requirements
macOS Big Sur 11 or higher
User Approved MDM
Configuring the PPPC Profile for Standard Users
Before proceeding further, gather the identifiers and code requirements for your app. This can be retrieved by following this guide:
How To Get The Team ID, Bundle ID, and Code Requirement
In order to configure a PPPC Profile to allow Standard Users to approve the following fields should be leveraged.
- Navigate to the MDM Profiles section of the Catalog and create a new PPPC profile
- Locate the relevant field(s) you wish to modify permissions for
- Add the Identifier and Code Requirement and set the "Allowed" to "Let Standard Users Approve"
Example
In the below example, we are going to approve or allow standard users to approve the Screen Recording control on their macOS 11 Big Sur Device.
System Settings Behavior
Once this profile is applied to a device, standard users will have the ability to approve the applications that have been approved using these MDM Profiles. The screenshot below highlights what the users will see in System Settings > Privacy & Security > Screen Recording.