Configuring LanSchool Air for Mac Privacy Approvals with MDM
For student devices running macOS Mojave (10.14)
and later, Apple introduced new privacy protection systems to ensure that all installed software works as it should. These new systems can be challenging to configure correctly. As it would be impractical to visit each computer to make these approvals, Apple has expanded its Mobile Device Management (MDM) system to allow remote configuration of many of these approvals.
Most MDM systems allow importing
.mobileconfig template files in order to deploy policies to devices. For the best experience, download this pre-configured privacy policy template provided by LanSchool and deploy it to your devices:
LanSchoolAirStudentPolicy.mobileconfig.
Alternatively, follow the instructions below to manually create a policy.
The LanSchool Air for Mac client requires four approvals, shown in the table below, to allow all functionality.
The Screen Recording Approval cannot be automated. It must be enabled manually on the student device.
Privacy Policy |
Description |
Accessibility |
Allows LanSchool Air to fully lock the computer during Blank Screen . Without this approval, students may exit Blank Screen using certain key combinations. |
Automation |
Allows LanSchool Air to automate the Safari browser during Limit Web so that students are kept on websites the teacher allows. |
Full Disk Access |
A llows LanSchool Air to examine the Safari browser history files to correctly determine where a student is browsing in the Safari browser during Limit Web . |
Screen Recording |
Only required for macOS Catalina (10.15) and later. The screen recording approval is required to allow LanSchool Student to share the student's screen with the teacher.
This approval cannot be configured using an MDM server and must be enabled manually on each student device.
|
It is recommended that the MDM configuration be installed on student computers before the the LanSchool Air Client for Mac is installed. This ensures that no prompts appear that a student sitting at a computer can deny and prevents other issues from occurring.
The following instructions use SimpleMDM (
https://simplemdm.com/ ) as an example MDM provider. Your MDM provider interface may look a little different but likely has similar features and requests the same information.
-
Navigate your MDM provider interface to a location where you can create profiles and choose to create a profile to configure privacy preferences:
-
Provide the following information (order and description may vary):
As shown above:
- The bundle ID for LanSchool Air is "com.lenovo.lsair.Client", whose code requirement is "anchor trusted" . Static code validation is not necessary.
- Set Accessibility to Allow
- Set Post event to Allow
- Set Access all files to Allow
- All other values should be Not Set
- For Apple Event Targets, you must add Safari with the bundle identifier "com.apple.Safari" and code requirement identifier "com.apple.Safari" and anchor Apple, with Access set to Allow.
When you have created the profile, use your MDM provider to send the profile to all student computers. You are done!
Related Articles
Deploying LanSchool Air Using Jamf Pro
Overview The LanSchool Air for MacOS agent supports a few different deployment methods. See Mass Deploying LanSchool Air for Mac Student for more detailed instructions. Please note that our support team can only provide limited assistance with ...Installing LanSchool Air for Mac Student
Overview This article explains how to install the Mac client on an individual student device. For instructions on deploying the Mac client to a large number of student devices, see Mass Deploying LanSchool Air for Mac Student . Generating the Link to ...Mass Deploying LanSchool Air for Mac Student
This article explains how to mass deploy the LanSchool Air Mac client on multiple devices at once. For instructions on installing the LanSchool Air Mac client on individual devices, see Installing LanSchool Air for Mac Student. When to Mass Deploy If ...Deploying LanSchool Air Using Intune
Overview The LanSchool Air for Windows agent supports using our LanSchool Air installer. Please note that our support team can only provide limited assistance with configuring your organization's Microsoft Endpoint Manager. The LanSchool Air Intune ...LanSchool Air Setup Guide
Who Should Use this Guide? LanSchool Air site administrators responsible for installing LanSchool Air on student devices, configuring admin settings, and inviting instructors. What Does This Guide Cover? This guide provides instructions for: ...
Popular Articles
Viewing Student Client Status
Overview If a student device is appearing as offline, check the status of LanSchool Air client installed on the student's device to make sure it's provisioned and connected. This will provide direction on where to begin troubleshooting. Viewing ...Using Web Limiting
Overview To block troublesome or distracting websites or limit students to a select few websites pertinent to the class, use the Web Limiting feature in LanSchool Air. There is currently no limit on the number of URLs that can be added to the block ...Mass Deploying LanSchool Air for Chromebook Student
This guide walks site administrators through the process of deploying the LanSchool Air app to students using Chromebooks and getting LanSchool Air ready for instructors to use. For information on installing the LanSchool Air app to Windows or Mac ...Controlling Student Browser Tabs
Overview Controlling browser tabs is currently supported for students using Chromebooks. Students on Windows or macOS devices will only display the most recently viewed website. In List View and Student Details, you have added controls over tabs on a ...Using Blank Screen
Overview LanSchool Air's customizable Blank Screen feature enables you to push a Blank Screen to your students' computers. When you enable Blank Screen, students are not able to view or listen to anything on their device until the Blank Screen is ...
Recent Articles
End of Life Lenovo V2 VR LanSchool Air Integration
As of March 31, 2024 Lenovo V2 VR integration with LanSchool Air has reached End of Life. Please see Lenovo VR Classroom for more information about VR learning solutions.Disabling Edge Split Screen
Overview LanSchool Air is unable to limit the web in Microsoft Edge when the student uses the Edge Split Screen feature. The LanSchool Air extension does not register the second screen and will not block the website. It is recommended to disable Edge ...Resolving Installer Download Issues for LanSchool Air
Overview This article serves as a supplementary guide to the articles Installing LanSchool Air for Windows Student and Installing LanSchool Air for Mac Student. If you encounter challenges during the download process on the student machine, ...Accessing Chat History
Overview Chat history preserves a 45 day record of interactions between students and instructors. This record can be valuable for administrative purposes, tracking student progress or addressing any concerns. Chat history allows LanSchool Air admins ...Generating Audit Reports
Overview Audit reports detailing changes made to the LanSchool Air environment are available to LanSchool Air Site Admins. These reports track who made the changes and when. Accessing Audit Reports LanSchool Air Site Admins can access audit reports. ...