We provide software that our customers deploy on their employee work computers to secure sensitive data. We have a daemon which could connect to an on-premise web-server for certain functionality. In Mac OS 15 beta we see that there is a local network access permission dialog that comes up sometimes, and it requires a permission to be provided under the Privacy & Security section of the system preferences.
We have seen the local network access permission would pop up only when both Server and Client are residing in the same private network range (eg 172.16.x.x. in our case.)
When the same server is accessed from a Sequoia machine over a VPN from external network, the local network access permission does NOT pop up. But note in this case, the Sequoia machine has an IP in the 10.x.y.z range, whereas the server is at 172.16.x.y.
We have the following questions:
- In our setup with Macs connecting to a web-server, what conditions can trigger the local network prompt?
- In particular, do both the client and server need to be in the same private subnet range for the prompt to be shown?
- Is it possible that a user at home, working on a Sequoia machine, connecting over VPN to an on-prem server, would trigger this prompt?
- If so, we would submit this is not expected, as a VPN is not really a local network.
- Is there an MDM way of automatically providing the permission, so that the prompt is suppressed?
- In general, is there a programmatic way of providing this permission during installation ? if yes how can we do it.
- How do we stop users from disabling the permission incase the user has admin rights?
during address resolution we end up getting the LNP
If you follow the links through my QSockets code, you’ll see that it calls getaddrinfo
under the covers. So that’s not the critical factor.
You’re passing in a hints
value, but you’ve set that up in a very vanilla fashion so I don’t see how it’d be relevant.
At this point I’m out of ideas. Clearly this is related to the environment in which your code is running, and that’s hard for me to investigate here on the forums. My recommendation is that you file a bug about this. Make sure to include a sysdiagnose log taken shortly after you see the issue.
Please post your bug number, just for the record.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"