Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-1938: How to find the CFBundleIdentifier of applications on Mac systems

Mac & PC Management Service ,  

12 April,16 at 11:21 AM

Applies to: All versions of DirectControl on Mac OS X
How can the CFBundleIdentifier of applications on Mac systems be found?

This string is needed in places like the "Permit / prohibit access to user-specific applications" group policy.

There are two main ways for finding out the CFBundleIdentifier:
Via Finder:
  1. In Finder, open the folder where the target app is located. (e.g. /Applications )
  2. Right-click the app (hold Control and click on the app) and choose "Show Package Contents"
  3. Browse into the "Contents" folder
  4. Double click on the Info.plist (open with TextEditor) then search for <key>CFBundleIdentifier</Key>
  5. The indentifier is the value below this key.

Via Terminal:
  1. Open Terminal and navigate straight to the app Contents folder, for example:
    cd /Applications/Microsoft Office 2011/Office/Microsoft Office
  2. Run the command:

    defaults read "/Applications/Microsoft Office 2011/Office/Microsoft Office" | grep CFBundleIdentifier

Note 1:

Some apps may have their info.plist files in a different location, or may have multiple sub-applications buried inside them which will also need to be placed in the permit / prohibit GPs (such as Chrome or Adobe apps). To find the CFBundleIdentifiers for these applications, the following method could be used:
  1. Open the target app and let it run or get blocked at a certain function.
  2. Open /var/log/system.log and do a text search for the target app.
    For example, for Address Book, searching for the path of the application will return a line that looks like this:
    Jul 19 11:19:57 MBA11[21592] ([0x0-0x14f14f][21634]): posix_spawn("/Applications/Address Book", ...): Permission denied
  3. The segment before posix_spawn is the CFBundleIdentifier:

For apps that have multiple dependent sub-apps inside, each identifier would need to be added separately into the group policy:

User-added image

Note 2:

To find the CFBundleIdentifier for System Preference panes, look in the following directories and then apply the same logic as above to extract the identifier key:
  • /System/Library/PreferencePanes
  • /Library/PreferencePanes
  • ~/Library/PreferencePanes
See also:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.