We have used Forticlient AV/VPN clients in our environment and I find that after using their client uninstaller there are items still listed in the privacy settings for Full Disk Access. The files they reference have been removed but the TCC.db still contains the "Allowed" setting. I have run into this issue in Big Sur, Monterey and Ventura.
Using the tccutil reset SystemPolicyAllFiles removes them from the GUI (and everything else unfortunately from Full Disk Access) but I find that when querying the TCC.db they still exist with Full Disk Access. Trying to target by bundleID just generates an error. (i.e. tccutil reset SystemPolicyAllFiles com.forticlient.FortiClient returns tccutil: No such bundle identifier "com.fortinet.FortiClientAgent": The operation couldn’t be completed. (OSStatus error -10814.)
With the handy script from Mac-Nerd I can see that there are still entries.
How can I clear these entries from the TCC.db other than deleting the file? That would be excessively destructive in our environment and troublesome for users.
