Enable DLP Agent access to Microsoft Office applications
After you enable MIP configuration for Microsoft Office applications in the agent configuration, endpoint users are prompted to allow the DLP Agent ('CUI' application) to access Microsoft Word, Microsoft Excel, and Microsoft PowerPoint. If users do not grant application access, the MIP classification functionality does not work.
You can create an MDM configuration profile to enable the DLP Agent to access Microsoft Office applications without prompting users for permission. For illustration purposes, the following instructions assume that you plan to use Jamf, an IT management application.
When you copy and paste text into the
Receiver Code Requirement
box in Jamf, make sure that there are no line breaks.- In Jamf, select a configuration profile.
- Navigate toPrivacy Preferences Policy Control.
- ClickAdd.
- UnderApp Access, do the following:
- In theIdentifierbox, typecom.microsoft.Word.
- In theReceiver Identifier Typemenu, selectBundle ID.
- In theReceiver Code Requirementbox, typeidentifier "com.microsoft.Word" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9.
- ClickAdd.
- UnderApp Access, do the following:
- In theIdentifierbox, typecom.microsoft.Excel.
- In theReceiver Identifier Typemenu, selectBundle ID.
- In theReceiver Code Requirementbox, typeidentifier "com.microsoft.Excel" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9.
- ClickAdd.
- UnderApp Access, do the following:
- In theIdentifierbox, typecom.microsoft.Powerpoint.
- In theReceiver Identifier Typemenu, selectBundle ID.
- In theReceiver Code Requirementbox, typeidentifier "com.microsoft.Powerpoint" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9.
- ClickSave.