Question
Starting with macOS High Sierra 10.13, a kernel extension must be approved by an administrator account or a Mobile Device Management (MDM) profile before it can load.
But when deploying Parallels Desktop to macOS Big Sur, despite having the corresponding MDM profile to allow a Parallels kernel extensions, macOS prompts the user to approve the kernel extensions. How can this be avoided?
Information
Starting with Big Sur, macOS requires a reboot after updating/deploying kernel extensions to rebuild macOS KEXT cache: https://support.apple.com/en-us/HT211860 .
As a result, even though the kernel extensions are allowed by the MDM profile, an additional system reboot is required before they can be freely loaded, and therefore the dialog appears.
Since in macOS Big Sur Parallels kernel extensions are only required to enable Parallels hypervisor, the best way to avoid this pop-up is to deploy the virtual machine configured to use Apple hypervisor. As a result, Parallels kernel extensions will not need to load, and the pop-up will not appear.
To select Apple hypervisor before deploying a virtual machine, do one of the following:
1. Open the virtual machine's Configuration > Hardware > CPU & Memory > Advanced Settings, and in Hypervisor select Apple.
2. Inside the .pvm bundle, open config.pvs file and change:
<HypervisorType>0</HypervisorType>
to
<HypervisorType>1</HypervisorType>
3. When using mass deployment package, it has a setting already set to override this option by default in deploy.cfg:
vm_set_hv_mode_apple_forcibly_since_macos_11_0="yes"
In which case, there is no need to take additional action, the package will make the change when the virtual machine is deployed.
Was this article helpful?
Tell us how we can improve it.