Just posting here so folks don't go down the hours long rabbit hole I just did. I was able to write a MobileConfig Policy allowing Full Disk Access Permissions for Orbit on MacOS. It is attached here if you'd like to use it, just swap in some UUIDs. NOTE THE COMMENT FIELD IS REQUIRED. I spent so long trying to figure out why this wasn't working on MacOS 14.6. Event the documentation says its not a used field: https://developer.apple.com/documentation/devicemanagement/privacypreferencespolicycontrol/services/identity But it is required, even if it's empty