Configuring LanSchool Air for Mac Privacy Approvals with MDM
For student devices running macOS Mojave (10.14)
and later, Apple introduced new privacy protection systems to ensure that all installed software works as it should. These new systems can be challenging to configure correctly. As it would be impractical to visit each computer to make these approvals, Apple has expanded its Mobile Device Management (MDM) system to allow remote configuration of many of these approvals.
Most MDM systems allow importing
.mobileconfig template files in order to deploy policies to devices. For the best experience, download this pre-configured privacy policy template provided by LanSchool and deploy it to your devices:
LanSchoolAirStudentPolicy.mobileconfig.
Alternatively, follow the instructions below to manually create a policy.
The LanSchool Air for Mac client requires four approvals, shown in the table below, to allow all functionality.
The Screen Recording Approval cannot be automated. It must be enabled manually on the student device.
Privacy Policy |
Description |
Accessibility |
Allows LanSchool Air to fully lock the computer during Blank Screen . Without this approval, students may exit Blank Screen using certain key combinations. |
Automation |
Allows LanSchool Air to automate the Safari browser during Limit Web so that students are kept on websites the teacher allows. |
Full Disk Access |
A llows LanSchool Air to examine the Safari browser history files to correctly determine where a student is browsing in the Safari browser during Limit Web . |
Screen Recording |
Only required for macOS Catalina (10.15) and later. The screen recording approval is required to allow LanSchool Student to share the student's screen with the teacher.
This approval cannot be configured using an MDM server and must be enabled manually on each student device.
|
It is recommended that the MDM configuration be installed on student computers before the the LanSchool Air Client for Mac is installed. This ensures that no prompts appear that a student sitting at a computer can deny and prevents other issues from occurring.
The following instructions use SimpleMDM (
https://simplemdm.com/ ) as an example MDM provider. Your MDM provider interface may look a little different but likely has similar features and requests the same information.
-
Navigate your MDM provider interface to a location where you can create profiles and choose to create a profile to configure privacy preferences:
-
Provide the following information (order and description may vary):
As shown above:
- The bundle ID for LanSchool Air is "com.lenovo.lsair.Client", whose code requirement is "anchor trusted" . Static code validation is not necessary.
- Set Accessibility to Allow
- Set Post event to Allow
- Set Access all files to Allow
- All other values should be Not Set
- For Apple Event Targets, you must add Safari with the bundle identifier "com.apple.Safari" and code requirement identifier "com.apple.Safari" and anchor Apple, with Access set to Allow.
When you have created the profile, use your MDM provider to send the profile to all student computers.
macOS 15.0 (Sequoia) Privacy Prompts
Apple's operating system macOS 15.0 (Sequoia) will now issue 2 privacy prompts on the student devices.
Screen Recording Prompt
The LanSchool Air application has been approved for Screen Recording but a prompt will pop up occasionally.
This prompt will give students two options: continue to allow screen recording for one month or allow them to disable the approval.
- If the Screen Recording approval was approved by an administrator, students (Standard Users) cannot disable the approval.
- If the MDM setting "Allow Standard User to Set System Service" was set and the Screen Recording approval was approved by students (Standard Users), students will be able to disable the approval.
At this time, there is no way to prevent this prompt from appearing.
Allow Privacy Approval Screen Prompt
When a teacher shares their screen with the students a privacy prompt will appear. Selecting either option will not interfere with the share screen functionality and will not prevent the client from working.
At this time there is no way to prevent this prompt from appearing.
Related Articles
Deploying LanSchool Air Using Jamf Pro
Overview The LanSchool Air for MacOS agent supports a few different deployment methods. See Mass Deploying LanSchool Air for Mac Student for more detailed instructions. Please note that our support team can only provide limited assistance with ...Installing LanSchool Air for Mac Student
Overview This article explains how to install the Mac client on an individual student device. For instructions on deploying the Mac client to a large number of student devices, see Mass Deploying LanSchool Air for Mac Student . Generating the Link to ...Mass Deploying LanSchool Air for Mac Student
This article explains how to mass deploy the LanSchool Air Mac client on multiple devices at once. For instructions on installing the LanSchool Air Mac client on individual devices, see Installing LanSchool Air for Mac Student. When to Mass Deploy If ...Deploying LanSchool Air Using Intune
Overview The LanSchool Air for Windows agent supports using our LanSchool Air installer. Please note that our support team can only provide limited assistance with configuring your organization's Microsoft Endpoint Manager. The LanSchool Air Intune ...Sharing Instructor Screen with the Class
Overview When a class is started, the instructor has the ability to broadcast their screen to the student devices. The instructor can choose to share their entire screen with the class, only an application window or a specific browser tab. This is a ...
Popular Articles
Viewing Student Client Status
Overview If a student device is appearing as offline, check the status of LanSchool Air client installed on the student's device to make sure it's provisioned and connected. This will provide direction on where to begin troubleshooting. Viewing ...Using Web Limiting
Overview To block troublesome or distracting websites or limit students to a select few websites pertinent to the class, use the Web Limiting feature in LanSchool Air. There is currently no limit on the number of URLs that can be added to the block ...Mass Deploying LanSchool Air for Chromebook Student
This guide walks site administrators through the process of deploying the LanSchool Air app to students using Chromebooks and getting LanSchool Air ready for instructors to use. For information on installing the LanSchool Air app to Windows or Mac ...Controlling Student Browser Tabs
Overview In List View and Student Details, you have added controls over tabs on a student's screen. You can: View all tabs a student has open Take a screen shot of a student's active tab Close a tab on a student's computer Add a website a student is ...Using Blank Screen
Overview LanSchool Air's customizable Blank Screen feature enables you to push a Blank Screen to your students' computers. When you enable Blank Screen, students are not able to view or listen to anything on their device until the Blank Screen is ...
Recent Articles
Purchasing or Renewing LanSchool Air
Purchasing Contact If you are looking to purchase LanSchool Air, renew your LanSchool Air license or require a quote, please visit our website at https://lanschool.com/purchasing. You may also contact sales at 833-247-2527 or fill out the Contact ...Merging Synced Class Rosters
Overview Merge classes allows instructors to merge their synced rosters together into one class to align better with their teaching methods. Instructors can merge up to 3 classes for ClassLink, Clever or Google Classroom. Merging Synced Classes As an ...End of Life Lenovo V2 VR Integration with LanSchool Air
As of March 31, 2024 Lenovo V2 VR integration with LanSchool Air has reached End of Life. Please see Lenovo VR Classroom for more information about VR learning solutions.Viewing Web History
Overview LanSchool Air preserves a 45 day record of student web history. This record can help instructors keep track of what sites students are using and if they are remaining on task. Web history can be viewed by Instructors and co-teachers in the ...Disabling Edge Split Screen
Overview LanSchool Air is unable to limit the web in Microsoft Edge when the student uses the Edge Split Screen feature. The LanSchool Air extension does not register the second screen and will not block the website. It is recommended to disable Edge ...