Deploy App Settings in the macOS Plist

You can set the GlobalProtect app customization settings in the macOS global plist (Property list) file. This enables deployment of GlobalProtect app settings to macOS endpoints prior to their first connection to the GlobalProtect portal.
On macOS endpoints, plist files are either located in /Library/Preferences or in ~/Library/Preferences. The tilde ( ~ ) symbol indicates that the location is in the current user's home folder. The GlobalProtect app on a macOS endpoint first checks for the GlobalProtect plist settings. If the plist does not exist at that location, the GlobalProtect app searches for plist settings in ~/Library/Preferences.
In addition to using the macOS plist to deploy GlobalProtect app settings, you can enable the GlobalProtect app to collect specific macOS plist information from the endpoints. You can then monitor the data and add it to a security rule to use as matching criteria. Endpoint traffic that matches registry settings you define can be enforced according to the security rule. Additionally, you can set up custom checks to Collect Application and Process Data From Endpoints.
  1. Open the GlobalProtect plist file and locate the GlobalProtect app customization settings.
    Use Xcode or an alternate plist editor to open the plist file:
    /Library/Preferences/com.paloaltonetworks.GlobalProtect.settings.plist
    Then go to:
    /Palo Alto Networks/GlobalProtect/Settings
    If the Settings dictionary does not exist, create it. Add each key to the Settings dictionary as a string.
  2. Set the portal name.
    If you do not want the end user to manually enter the portal address even for the first connection, you can pre-deploy the portal address through the plist. In the PanSetup dictionary, configure an entry for Portal.
  3. Deploy various settings to the macOS endpoint, including the connect method for the GlobalProtect app.
    View Customizable App Settings for a full list of the keys and values that you can configure using the macOS plist.

Related Documentation