TCC issues after a data transfer

Since last March we have been working primarily remotely. In the past, data transfer was done a lot of ways; this last 16 months have been trickier as we aren’t all in the same places. We’ve switched many users to laptops, and worked to transfer user data from an online data backup service.

This workflow is great for a distributed team, we can set up a new system, restore a backup and send it off to them with only a few notes on how to log in and sync up your password. This has worked well, but sometimes we’ve seen issues where user folders that have been copied in and had a new user created utilizing the existing user folder have been unable to make any TCC approvals for camera, microphone or file access. This is obviously a big problem in the world of daily zoom meetings.

My workflow after a data transfer has historically been to copy the data from another system manually, or more recently restore from an online backup. I then ensure the user folder is owned by the correct user with a simple one liner in terminal (or automated in a script):

sudo chown -R username /Users/username

In the past this has worked quite well, but with permissions and security changes with macOS Catalina we’ve been seeing more issues where even when the ~/Library/ folder is not copied over, the TCC database file seems to not allow any changes. Applications like Zoom, Microsoft Teams, WebEx and others are not prompting for camera and mic access at all, and the system preferences pane appears completely blank.

There is a command to reset the TCC permissions:

tccutil reset All

Somehow, even in this case does not seem to work. It appears the folder that houses the TCC permission information ~/Library/Application\ Support\com.apple.TCC/ has incorrect permissions, not even allowing the user to reset it. I expect this has something to do with the permissions that result in a cascade of not allowed messages when you run the aforementioned chown command.

After some searching I’ve found that the best solution is to delete the ~/Library/Application\ Support\com.apple.TCC/ folder. After this is deleted when you open up an application requesting permissions the dialog pops up normally.

One thought on “TCC issues after a data transfer

  1. Adam Lark July 12, 2021 / 12:15 pm

    You should tell them about the permissions issues with crashplan that the new OS brought on!

    By the way, I went to your office to say bye today, and apparently I missed you. Thought I would spam your blog with a quick bye, and say it was nice working with you, and I hope things go well for you in your new ventures. Feel free to say hi in the future if you are ever in the area.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s