Allowed Kernel Extensions KEXT

Hats off to those who have written great articles and in this case I am going to tip mine to Rich Trouton @ Der Flounder for his write up on his web site. Below is a quotation(brazenly copied) from his web site that describes this perfectly.

Directly copied from Whitelisting third-party kernel extensions using profiles

"As part of macOS 10.13.2, Apple introduced the concept of User Approved MDM Enrollment (UAMDM). UAMDM grants mobile device management (MDM) additional management privileges, beyond what is allowed for macOS MDM enrollments which have not been “user approved”.

As of macOS 10.13.4, the only additional management privilege associated with UAMDM is that it allows you to deploy a profile which provides a whitelist for third-party kernel extensions. This profile allows a company, school or institution to avoid the need to have individual users approve the running of approved software.

Without the profile, third-party kernel extensions will need to be approved through the User-Approved Kernel Extension Loading (UAKEL) process. "

A list of team IDs can be found here that will be useful when allowing specific Apps to operate on a Mac without user interaction. (assuming UAMDM has been Approved).

Kext Team Identifiers, Vendors and BundleIDs



Please login using your credentials recived by email when you register.

I forgot my password | Resend activation e-mail