Permissions used by the NetSupport DNA macOS Agent

Jan 4, 2023 | Mac, NetSupport DNA

< Back
You are here:
Print
Created OnJanuary 4, 2023
Last Updated OnJanuary 4, 2023
byArran
3.2 out Of 5 Stars

5 ratings

5 Stars 20%
4 Stars 40%
3 Stars 0%
2 Stars 20%
1 Stars 20%

The NetSupport DNA Mac Agent requires access to certain permissions for some features to function. You can apply the permissions the macOS DNA Agent uses either by an MDM deployment using the “NetSupportDNASecurityProfile.mobileconfig” (this can be found in the install directory, “/Applications/NetSupport/NetSupportDNA/SystemAgent”, of a machine you’ve installed the macOS DNA Agent on) or by using the permissions utility at the end of the installation process. For information on deploying the “NetSupportDNASecurityProfile.mobileconfig” via an MDM, please see our dedicated article on configuring and deploying the macOS DNA Agent:

NetSupport DNA Mac Agent MDM configuration and deployment

When applying permissions via the “NetSupportDNASecurityProfile.mobileconfig” (using an MDM), the permissions will be applied at the system level. However, you should note that the “Screen Recording” permission cannot be set by the MDM “NetSupportDNASecurityProfile.mobileconfig” (this is a limitation of macOS). This means if you would like the macOS DNA Agent features that require this permission to function, you need to set the permission on the device manually using the permissions utility at the end of the installation (even if other permissions for the DNA Agent are applied to the device via an MDM).

Below is a list of permissions that the macOS DNA Agent uses and what features are affected by the permissions:

  • Input Monitoring – Allows the DNA Agent to capture the keyboard, this is required for keyword monitoring.
  • Accessibility – Allows the Agent to run and interact with the system.
  • Screen Recording – Allows the DNA Console to view a thumbnail of the device, remote control to view the device, and to capture screenshots for eSafety triggered keywords.
  • Automation – Allows the DNA Agent to get system events and access data from browsers (such as Safari, Chrome and Edge for Mac).

Note: The Automation permission can be unticked by the user without entering an admin password. Because of this, it’s recommended this permission is set via MDM.

Was this article helpful?
3.2 out Of 5 Stars

5 ratings

5 Stars 20%
4 Stars 40%
3 Stars 0%
2 Stars 20%
1 Stars 20%
5
How can we improve this article?
Please submit the reason for your vote so that we can improve the article.
Need help?