This describes how to automatically allow Automox to patch macOS without a pop-up.
New privacy controls implemented in macOS 10.14 (Mojave) require this prompt which can cause confusion for your end users or worse, prevent them from patching Microsoft Office applications. If you use a Mobile Device Manager (MDM) with your macOS devices, you can hide this prompt and force allow this patching behavior with a Privacy Preferences Policy Control profile and Automox Agent 28 or newer.
This profile payload can apply to devices that have a User Approved MDM Profile or devices deployed with Apple Business Manager (previously named Apple Device Enrollment Program).
Depending on your MDM, this payload might be named Privacy Preference or Privacy Preferences Policy Control. The following information is needed to populate this profile:
Identifier: /usr/local/bin/amagent Identifier Type: Path Code Requirement: identifier "com.automox.agent" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = DAEQ58A4ES Validate the Static Code Requirement: Off App or Service: AppleEvents Access: Allow Receiver Identifier: com.microsoft.autoupdate2 BundleID: identifier "com.microsoft.autoupdate2" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9