Allow full-disk access for the endpoint security host application (SEHA.app) on macOS endpoints

You must configure an MDM profile to allow full-disk access for the endpoint security host application (
SEHA.app
) on macOS 11 endpoints.
For illustration purposes, the following instructions assume that you plan to use Jamf, an IT management application.
  1. In Jamf, select a configuration profile.
  2. Navigate to
    Privacy Preferences Policy Control
    .
  3. Under
    App Access
    , in the
    Identifier field
    , type
    com.symantec.dlp.ext.host.application
    .
  4. In the
    Identifier Type
    menu, select
    Bundle ID
    .
  5. Run the following command to generate code requirement details:
    codesign -dr - /path to app/
  6. Enter text generated in the previous step in the
    Code Requirement
    field.
  7. In the
    APP OR SERVICE
    table, add the following settings:
    APP OR SERVICE
    ACCESS
    SystemPolicyAllFiles
    Allow
    SystemPolicyRemovableVolumes
    Allow
    SystemPolicyNetworkVolumes
    Allow
  8. Click
    Save
    .
You can refer to the
System > Agents > Overview
page of the Enforce Server administration console to view and troubleshoot any issues.