Path
User Configuration > Policies > Centrify Settings > Mac OS X Settings > Security & Privacy > Public Key Policies > Allow specific applications to access the auto-enrollment private key(s)
Description
Enabling this policy allows specified applications to access the auto-enrollment private key(s) in System keychain.
After you enable this policy, click Add to enter the path to the application you want to allow access to the auto-enrollment private key, then click OK. You can click Add again to add additional applications.
For example, to give Google Chrome and Centrify Agent access to the auto-enrollment private key, enter the application path for Google Chrome:
/Applications/Google Chrome.app
Click OK. Then click Add and enter the application path for Centrify Agent:
/Applications/Centrify Agent.app
After this group policy is enabled, the list of applications specified in the group policy are added to the access control list of the auto-enrollment private key in system keychain.
See Configuring auto-enrollment for more information about auto-enrollment keys.
Note: This setting only applies to a new auto-enrollment private key. It does not change auto-enrolled private keys that are already in the keychain.
If the group policy Allow all applications to access the auto-enrollment private key(s) is enabled, this group policy will be ignored.
Doc Feedback