Since last March we have been working primarily remotely. In the past, data transfer was done a lot of ways; this last 16 months have been trickier as we aren’t all in the same places. We’ve switched many users to laptops, and worked to transfer user data from an online data backup service.
This workflow is great for a distributed team, we can set up a new system, restore a backup and send it off to them with only a few notes on how to log in and sync up your password. This has worked well, but sometimes we’ve seen issues where user folders that have been copied in and had a new user created utilizing the existing user folder have been unable to make any TCC approvals for camera, microphone or file access. This is obviously a big problem in the world of daily zoom meetings.
My workflow after a data transfer has historically been to copy the data from another system manually, or more recently restore from an online backup. I then ensure the user folder is owned by the correct user with a simple one liner in terminal (or automated in a script):
sudo chown -R username /Users/username
In the past this has worked quite well, but with permissions and security changes with macOS Catalina we’ve been seeing more issues where even when the
~/Library/ folder is not copied over, the TCC database file seems to not allow any changes. Applications like Zoom, Microsoft Teams, WebEx and others are not prompting for camera and mic access at all, and the system preferences pane appears completely blank.
There is a command to reset the TCC permissions:
tccutil reset All
Somehow, even in this case does not seem to work. It appears the folder that houses the TCC permission information
~/Library/Application\ Support\com.apple.TCC/ has incorrect permissions, not even allowing the user to reset it. I expect this has something to do with the permissions that result in a cascade of not allowed messages when you run the aforementioned
After some searching I’ve found that the best solution is to delete the
~/Library/Application\ Support\com.apple.TCC/ folder. After this is deleted when you open up an application requesting permissions the dialog pops up normally.