Category filter
How to blocklist/allowlist apps on macOS devices?
Application blocklisting is a prohibitive mechanism that prevents users from accessing specific applications on the devices. As determined by the organization, apps that hinder productivity or appear to be malicious in a workplace environment can be blocklisted. The app blocklisting policy enables you to restrict specific apps on macOS devices from the Hexnode UEM console. It raises a blocked-access prompt on the devices as the user tries to open the blocklisted applications.
Allowlisting allows users to access only those applications that are explicitly defined by the organization. The users can install/access them conveniently without any restrictions. All other apps, except the allowlisted ones will be blocked on the device. Based on the requirement, you can define the applications to be denied or allowed access on macOS devices.
Blocklist apps on macOS devices
To block apps on macOS devices:
- Login to your Hexnode UEM portal.
- Navigate to Policies > New Policy > macOS > App Management > Blocklist/Allowlist. Click on Configure.
- Enter the policy name and description.
- Policy name – Enter an appropriate name for the policy. This is a mandatory field.
- Description – Add a brief description of the policy.
- Click on the Blocklist button.
- Click on +Add to add either an app or a group of apps to be blocklisted. You can blocklist Enterprise app, Store app, or VPP apps on macOS devices.
- After selecting the desired apps, click Done.
- Next, associate the policy with the target devices by clicking on Policy Targets.
- Select the Devices/Device Groups/User/User Groups/Domains with which the policy is to be attached.
- Click Save.
Allowlist apps on macOS devices
To limit access to a specific set of applications:
- Login to your Hexnode UEM portal.
- Navigate to Policies > New Policy > macOS > App Management > Blocklist/Allowlist. Click on Configure.
- Enter the policy name and description.
- Policy name – Enter an appropriate name for the policy. This is a mandatory field.
- Description – Add a brief description of the policy.
- Click on the Allowlist button.
- Click on +Add to add either an app or a group of apps to be allowlisted. Selecting a single application limits the device usage only to the given application, and all other apps remain inaccessible on the device. Enterprise apps, Store apps, and VPP apps can be allowlisted on the devices.
- After selecting the desired apps, click Done.
- Next, associate the policy with the target devices by clicking on Policy Targets.
- Select the Devices/Device Groups/User/User Groups/Domains to apply the policy.
- Choose the device and click Save. The policy will be pushed to the device.
Allowlist an app present on the macOS device
- Click on the +Add button and select the Choose an app from the device option.
- Enter the name of the app you want to allowlist under App name.
- Enter the path of the app on the device under Specify the file path to the app on the device. You can use a custom script to get the path to the desired app.
- Click Add.
- Next, associate the policy with the target devices by clicking on Policy Targets.
- Select the Devices/Device Groups/User/User Groups/Domains to apply the policy.
- Choose the device and click Save. The policy will be pushed to the device.