Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

XDR agent not accepting full disk permissions

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

XDR agent not accepting full disk permissions

L2 Linker

Hi, I have an agent that after installation insists that the full disk access permissions were not granted. however, said permissions are granted.

furthermore, said agent cannot be uninstalled. how can I force the agent to recognize that it has been given the full disk access permissions? 

9 REPLIES 9

L3 Networker

Hi Daniel_Itenberg,

 

Can you provide the OS version for the endpoint as well as what agent version you are installing?

Thanks,

Ben

L3 Networker

Hi @Daniel_Itenberg 
I believe you are referring to MAC OS endpoints.
Can you try to reboot the endpoint once and see if that resolves the issue here.
Thank you!

Hi creddy,

We have already granted full disk permissions in macOS for Cortex XDR. However, we are still encountering the following popup:

 

The popup continues to reappear on the machine.

 

We are experiencing the same issues after a reboot in the cloud. Please help me

L1 Bithead

absolutely exactly the same behavior here 😞

L1 Bithead

Hey Marcos, as written above "We have already granted full disk permissions in macOS for Cortex XDR" I assume we did step 9 already 😉
But it seems there was an update on the agent, the message disappeared on my Mac.

L1 Bithead

i was too early, it's back and just as annoying as before. full disk access for pmd and TrapSecurityExtenstion allowed, but doesn't help at all 😞

L3 Networker

 

Please check that full disk access is really granted. To confirm, go to System Settings >> Privacy & Security >> Full Disk Access and verify PMD and TrapsSecurityExtension are enabled for full disk access:

 

jtalton_1-1701793682188.png

 

The next recommendation is to update macOS to the latest available version to see if the issue is resolved. 

 

If you have not already done so, please open a Support Case for additional troubleshooting by a TAC engineer to help resolve the issue. 

If you found this answer helpful, please select Accept as Solution.

L1 Bithead

Done this, looks the same, expect "Terminal".
But honestly it's easier to answer here as opening a ticket, so I just click it away until someone at PANW solved the issue 😉

  • 3504 Views
  • 9 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!