MDM
Mobile Device Management Settings
- Welcome
- Join AppleSeed for IT
- What’s new
- MDM overview
- Payload best practices
-
- General
- Accessibility
- Active Directory Certificate
- AirPlay
- AirPlay Security
- AirPrint
- App Configuration
- Associated Domains
- Autonomous Single App Mode
- Calendar
- Mobile Data
- Certificates
- Certificate Transparency
- Conference Room Display
- Contacts
- Content Caching
- Custom
- Directory
- DNS Proxy
- Dock
- Domains
- Energy Saver
- Exchange ActiveSync (EAS)
- Exchange Web Services (EWS)
- Extensions
- Finder
- Fonts
- Global HTTP Proxy
- Google Accounts
- Home Screen Layout
- Identification
- Kernel Extension Policy
- LDAP
- Lock Screen Message
- Login Items
- Login Window
- Network Usage Rules
- Notifications
- Parental Controls
- Passcode
- Printing
- Privacy Preferences Policy Control
- Proxy
- SCEP
- Security & Privacy
- Single App Mode
- Single Sign-On
- Single Sign-On Extensions
- Smart Card
- Software Update
- Subscribed Calendars
- System Migration
- Time Machine
- TV Remote
- Web Clips
- Web Content Filter
- Xsan
Kernel Extension Policy payload settings for Apple devices
You can configure the Kernel Extension Policy to manage security settings on Mac computers enrolled in a mobile device management (MDM) solution. Use the Kernel Extension Policy payload to allow Mac users to add kernel extensions. This payload must be user approved.
OS and channel | Supported enrolment types | Interaction | Duplicates |
|---|---|---|---|
macOS device | Device Automated Device | Exclusive | Multiple |
Setting | Description | Required |
|---|---|---|
Allow users to approve kernel extensions | Users can approve kernel extensions not explicitly allowed by configuration profiles. | Yes |
Add team identifiers | Team identifiers define which validly signed kernel extensions are allowed to load. | Yes |
Allowed kernel extensions | Kernel extensions that will always be allowed to load on the Mac. | Yes |
Thanks for your feedback.