Identifying System Preferences Panes

It’s time for an adventure in identifying macOS System Preferences Panes!

In my previous post I talked about the different ways that admins can deep-link to specific System Preference Panes, but how do you identify those panes and how do you even know if the pane itself supports url scheme linking?

Identifying Pane Name & Anchors

How did I discover the url schemes for those panes and how can you do it as well?I’m glad you asked!

You can find the pane and associated deeplink anchors with just a little bit of applescript.

  1. Paste the code below into Script (located in /Applications/Utilities)
  2. Open System Preferences to the exact pane that you want to identify, and run the script.
  3. It will output the name of the current pane and any associated anchors.
-- Open System and click into desired pane/setting. Then, run this script to find out name (Pane ID) and any anchors.

tell application "System Preferences"
	set AppleScript's text item delimiters to ", "
	set CurrentPane to the id of the current pane
	get the name of every anchor of pane id CurrentPane
	set CurrentAnchors to get the name of every anchor of pane id CurrentPane
	set the clipboard to CurrentPane
	display dialog "Current Pane ID: " & CurrentPane & return & return & "Pane ID has been copied to the clipboard." & return & return & "Current Anchors: " & return & (CurrentAnchors as string)
end tell

You’ll get an output like this and the pane id will be copied to your clipboard:

System Preferences Pane ID and Anchors

Now unfortunately, sometimes this doesn’t capture ALL anchors that you can deeplink to (really I’ve only found it problematic with the Security & Privacy pane).

If you find some anchors/sections missing, you may want to dig into the preference pane itself and see if there’s any bits of code that reference available options. For example, the script above when run against the Security & Privacy Pane doesn’t return any options for the Input Monitoring section. However, I can open /System/Library/PreferencePanes/Security.prefPane/Contents/Resources/PrivacyTCCServices.plistand see the key value I’m looking for (and what that section is actually called) is ListenEvent.

Identifying if the pane supports URLScheme.

Not all Preference Panes support URLScheme. For those that don’t, you can accomplish the same action of opening the pane with Applescript in most instances. But how do you know if a specific pane supports a URLScheme? Let’s explore.

Most of the preference panes themselves are located within /System/Library/PreferencePanes/.

Here’s how to find if the pane supports url schemes:

  1. Open Finder and Go To /System/Library/PreferencePanes
  2. Right click on the pane you want to inspect choose Inspect Package Contents
  3. Open the Contents > Info.plist. If it supports url scheme you’ll see a NSPrefPaneAllowsXAppleSystemPreferencesURLScheme=1
System Preferences Pane URLScheme support

If the pane DOES support a url scheme, then you can use the open command + URLschemes listed here. If it does not, and you still want to open the pane via script, you could do so using Applescript.

Hope this was helpful! Happy scripting!

Scripting System Preferences Panes

Join me on an adventure in discovering how to use scripts to open nearly every single aspect of the macOS System Preferences Pane!

Mac admins and developers may at some point in their careers find themselves needing to script the opening of macOS System Preferences panes, either for automation or other tasks like presenting a specific pane to a user to click or configure.

The URL Scheme introduced in 10.10 (and refined/restricted in 10.11) makes it easy to not only open specific System Preference Panes, but to deep link to specific sections of those panes with precision. Apple seems to be adding new urls and anchors to System Preferences with each macOS release, so this will continue to be a useful tool to have in your macadmin tool belt.

So how can you automatically open specific System Preferences panes in your scripts? I’m glad you asked! Let’s dive in…

Continue reading Scripting System Preferences Panes

The open command

It’s time for adventures in the open command!

Most admins know the open command. They’ll use it in bash scripts or as part of an item in Self Service to open a file, an application, a URL, or a System Preference Pane (among other things). However there are quite a few additional features beyond the surface level open command that a lot of admins aren’t aware of, so I’d like to share those with you now.

Let’s take a look at a few basic examples of the open command below:

open /path/to/file.pdf

open "/Applications/Brave"


System Preference Pane
open "/System/Applications/System"

As Brett Terpresta points on this excellent post, there’s a host of extra options and flags available when using the open command.

Let’s say you want to open a file or a url with a specific app. Maybe you have an internal company url that only works with Chrome and you want to make sure that your script or Self Service item that opens that site always opens in the Chrome browser. Or perhaps you’re deploying a pdf with certain features that only work inside of Adobe Acrobat Reader. You can use the -a flag to specify a specific application by name or -b to specify a specific application by its bundle identifier.

Let’s expand on a few of our original examples:

open -a "Adobe Acrobat Reader DC" /path/to/file.pdf
open -b com.adobe.Reader /path/to/file.pdf

open -a "Brave Browser"
open -b

In the examples above, I can make sure that the PDF I am opening doesn’t default to the macOS, but instead Adobe Acrobat Reader. Or in the case of urls, I can’t specifically open the url in Brave Browser or Safari simply by calling on the application name or bundle id.

Unsure how to find an app’s bundle identifier? Open Terminal and type:
codesign -dr - /Applications/ to get it's identifier.

$codesign -dr - /System/Volumes/Data/Applications/Brave\

Executable=/System/Volumes/Data/Applications/Brave Browser
designated => identifier "com.brave.Browser" and anchor apple generic and certificate 1[field.1.2.840.113635.] /* exists */

In the example above, I can see that com.brave.Browser is the bundle identifier.

These are some useful tricks that mac admins can leverage to add application specificity to their scripts when opening files or URLS. There’s a few other tricks that Brett covers, so be sure to go check out his post.