Which XML files does it reference that don't exist in the new install?
                
     
                                    
            Which XML files does it reference that don't exist in the new install?
Some of the documentation relates to anyconnect and refers to profile xml - the cisco secure documentation which in theory is updated (but still calls it anyconnect) is the one I referenced above and it works on a single installation but I cannot get a package created from it thus I cannot deploy it.
 
                
     
                                    
            I'm having trouble as well. Having a hard time rebuilding Secure Client in Composer with the old HCS Online docs. I did it once and have been unable to do it again in recent versions.
                
     
                                    
            I'm having trouble as well. Having a hard time rebuilding Secure Client in Composer with the old HCS Online docs. I did it once and have been unable to do it again in recent versions.
I've been able to do it finally with a mixed method but so far it seems successful.
1 - I followed the instructions here (https://docs.umbrella.com/deployment-umbrella/docs/customize-macos-anyconnect-installation) to edit the xml files to hide the VPN component, and to only install DART and Umbrella.
2 - I created a tmp folder and copied the installation pkg into it and also the Profiles folder you get in the DMG and put my two xml files in it and by org.json file into the umbrella folder.
3 - I used Composer to create a package of this (the pkg and the profiles folder and contents) and uploaded to JAMF
4 - I created a policy which installs that package (so all it does is basically create the folder and copy the contents into it) and also on that policy I have two scripts.  The first runs the installer command shown on the Cisco page, but from that folder:
#!/bin/bash
installer -pkg /Library/tmp/Cisco\\ Secure\\ Client.pkg -applyChoiceChangesXML /Library/tmp/Profiles/install_choices.xml -target /
exit 0The second opens it once installed as by default it does not automatically open like Umbrella did:
#!/bin/bash
open /Applications/Cisco/Cisco\\ Secure\\ Client.app
exit 05 - This policy is set to run based on a smart group which computers are only added to once they have a configuration file installed which permits the applications to run in the background etc. via extension kernel (this is also referenced on that Cisco page)
6 - So far that seems to be working in testing but have not deployed to student devices just yet.
                
     
                                    
                                    
            I've been able to do it finally with a mixed method but so far it seems successful.
1 - I followed the instructions here (https://docs.umbrella.com/deployment-umbrella/docs/customize-macos-anyconnect-installation) to edit the xml files to hide the VPN component, and to only install DART and Umbrella.
2 - I created a tmp folder and copied the installation pkg into it and also the Profiles folder you get in the DMG and put my two xml files in it and by org.json file into the umbrella folder.
3 - I used Composer to create a package of this (the pkg and the profiles folder and contents) and uploaded to JAMF
4 - I created a policy which installs that package (so all it does is basically create the folder and copy the contents into it) and also on that policy I have two scripts.  The first runs the installer command shown on the Cisco page, but from that folder:
#!/bin/bash
installer -pkg /Library/tmp/Cisco\\ Secure\\ Client.pkg -applyChoiceChangesXML /Library/tmp/Profiles/install_choices.xml -target /
exit 0The second opens it once installed as by default it does not automatically open like Umbrella did:
#!/bin/bash
open /Applications/Cisco/Cisco\\ Secure\\ Client.app
exit 05 - This policy is set to run based on a smart group which computers are only added to once they have a configuration file installed which permits the applications to run in the background etc. via extension kernel (this is also referenced on that Cisco page)
6 - So far that seems to be working in testing but have not deployed to student devices just yet.
Hi,
Recently gone through the same steps for some reason I'm still not able to get it to deploy properly the package say successfully deployed however I don't see cisco in application I also did get an error on the script path
"
| Script exit code: 1 | 
| Script result: installer: Error - the package path specified was invalid: 'u/Library/tmp/Cisco Secure Client.pkg'. | 
| Error running script: return code was 1."
 
 could you please assist me I'm not sure whats the best way to you reach you however. | 
                
     
                                    
            the steps @wolfhead outlined are the correct process - or similar - there are a few ways to do it. In my case,
Edit the choices XML and package it, and any other files you need (vpn profile xml, umbrella json etc) with composer this creates your "support files", install this pkg to a temp directory in the policy. in the same policy CACHE the secure client PKG installer, and then use a script to run the install and any file ops you need. here is what my script looks  like.
sudo installer -pkg /Library/Application\\ Support/JAMF/Waiting\\ Room/CiscoSecureClient5.0.05040.pkg -applyChoiceChangesXML /Users/Shared/SecureClientSupportFiles/SecureClient_install_choices.xml -target /
mkdir -p /opt/cisco/anyconnect/Umbrella/ && cp /Users/Shared/SecureClientSupportFiles/OrgInfo.json /opt/cisco/secureclient/Umbrella/OrgInfo.json
mkdir -p /opt/cisco/anyconnect/profile/ && cp /Users/Shared/SecureClientSupportFiles/vpnprofile.xml /opt/cisco/secureclient/vpn/profile/vpnprofile.xml
open -a /Applications/Cisco/Cisco\\ Secure\\ Client.app
                
     
                                    
            Hi All, 
I've been trying to get this to work for weeks and I've succumbed to a slipshod method that works but only if I manually run sudo jamf policy on every device, which is less than ideal.  I've followed @wolfhead's method more or less and I continually get the following error: 
Script result: installer: Package name is Cisco Secure Client
installer: choices changes file '/private/tmp/csc_choices.xml' applied installer: Installing at base path / installer: The install failed. (The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance. An error occurred while running scripts from the package “Cisco Secure Client.pkg”.) 
I believe I have set the proper permissions in Composer, so I am not sure what is broken here. When I run sudo jamf policy, the pkg downloads; however, I still see the above message in the Logs even though the pkg downloads on the device. My script looks like this: 
#!/bin/bash
installer -pkg /private/tmp/Cisco\\ Secure\\ Client.pkg -applyChoiceChangesXML /private/tmp/csc_choices.xml -target /
exit 0Like I mentioned, if I run a sudo jamf policy under the local admin user the package will download properly along with the XML choices. It just won't download when pushed from Jamf.  
Any ideas? 
                
     
                                    
            Hi All, 
I've been trying to get this to work for weeks and I've succumbed to a slipshod method that works but only if I manually run sudo jamf policy on every device, which is less than ideal.  I've followed @wolfhead's method more or less and I continually get the following error: 
Script result: installer: Package name is Cisco Secure Client
installer: choices changes file '/private/tmp/csc_choices.xml' applied installer: Installing at base path / installer: The install failed. (The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance. An error occurred while running scripts from the package “Cisco Secure Client.pkg”.) 
I believe I have set the proper permissions in Composer, so I am not sure what is broken here. When I run sudo jamf policy, the pkg downloads; however, I still see the above message in the Logs even though the pkg downloads on the device. My script looks like this: 
#!/bin/bash
installer -pkg /private/tmp/Cisco\\ Secure\\ Client.pkg -applyChoiceChangesXML /private/tmp/csc_choices.xml -target /
exit 0Like I mentioned, if I run a sudo jamf policy under the local admin user the package will download properly along with the XML choices. It just won't download when pushed from Jamf.  
Any ideas? 
have you tried putting the Sudo in the script in front of installer like my example?
                
     
                                    
            have you tried putting the Sudo in the script in front of installer like my example?
Yeah, same error pops up in the log even with the sudo. 
                
     
                                    
            I am wondering if this actually any issue with DUO Desktop. First off, I don't even want DUO, but it seems to be included with the Cisco Secure Client PKG.  When I run sudo jamf policy, the first thing that appears to download is the DUO Desktop App. I see DUO needs a cert... could that potentially be the issue? I'm clutching at straws here... 
                
     
                                    
            SO, after hours of sleuthing, I found the issue. The Secure Client PKG I am using packages Duo Desktop along with it. The installation errors were occurring due to cert I didn't for DUO not the Secure Client... SUPER ANNOYING. And none of Cisco's documentation mentioned anything about needing a cert for DUO, which is hilarious because I don't even need DUO in the first place... Anyways, if anyone comes across this issue, follow the instructions here to create and push out the config for DUO before installing the Cisco Secure Client: https://help.duo.com/s/article/6403?language=en_US 
 
The issue had nothing to do with the secure client install script after all. 
                
     
                                    
            We use the below to create our Anyconnect pkg's including the new agent.
 
GitHub - talkingmoose/Choices-Packager: Creates an Apple Installer package bundled with a Choices XML file
This is by far the easiest method. It was also the only one that fully worked for me.
Thanks for this!
                
     
                                    
            I've been able to do it finally with a mixed method but so far it seems successful.
1 - I followed the instructions here (https://docs.umbrella.com/deployment-umbrella/docs/customize-macos-anyconnect-installation) to edit the xml files to hide the VPN component, and to only install DART and Umbrella.
2 - I created a tmp folder and copied the installation pkg into it and also the Profiles folder you get in the DMG and put my two xml files in it and by org.json file into the umbrella folder.
3 - I used Composer to create a package of this (the pkg and the profiles folder and contents) and uploaded to JAMF
4 - I created a policy which installs that package (so all it does is basically create the folder and copy the contents into it) and also on that policy I have two scripts.  The first runs the installer command shown on the Cisco page, but from that folder:
#!/bin/bash
installer -pkg /Library/tmp/Cisco\\ Secure\\ Client.pkg -applyChoiceChangesXML /Library/tmp/Profiles/install_choices.xml -target /
exit 0The second opens it once installed as by default it does not automatically open like Umbrella did:
#!/bin/bash
open /Applications/Cisco/Cisco\\ Secure\\ Client.app
exit 05 - This policy is set to run based on a smart group which computers are only added to once they have a configuration file installed which permits the applications to run in the background etc. via extension kernel (this is also referenced on that Cisco page)
6 - So far that seems to be working in testing but have not deployed to student devices just yet.
Is it possible to see the layout of #3? I have had success previously with just VPN but bundling with Umbrella now having issue getting the Umbrella Service turn active. I have the Json in right area but I think the issue for me is how its being packaged in composer. Once I run it through Jamf doesnt work. Any help would be great. 
                
     
                                    
            Is it possible to see the layout of #3? I have had success previously with just VPN but bundling with Umbrella now having issue getting the Umbrella Service turn active. I have the Json in right area but I think the issue for me is how its being packaged in composer. Once I run it through Jamf doesnt work. Any help would be great. 
For my org, we have to leave the json out. Network team has it so the ASA downloads and activates it, so it may be the same for your org.
                
     
                                    
            Is it possible to see the layout of #3? I have had success previously with just VPN but bundling with Umbrella now having issue getting the Umbrella Service turn active. I have the Json in right area but I think the issue for me is how its being packaged in composer. Once I run it through Jamf doesnt work. Any help would be great. 
They have released newer instructions which seem to work just fine - just pay attention to the subfolders as last I looked, they did not show consistent images.
 
https://support.umbrella.com/hc/en-us/articles/23515921165844-How-to-deploy-Cisco-Secure-Client-via-JAMF-MacOS
                
     
                                    
            They have released newer instructions which seem to work just fine - just pay attention to the subfolders as last I looked, they did not show consistent images.
 
https://support.umbrella.com/hc/en-us/articles/23515921165844-How-to-deploy-Cisco-Secure-Client-via-JAMF-MacOS
So I ended up figuring out the issue this morning, going to say it here just incase someone else runs into issue. Cisco wouldnt show up in login items and oddly that was keeping umbrella from going active. There's a link I found in here to help
https://community.jamf.com/t5/jamf-nation/cisco-secure-client-5-1-0-136-anyconnect-vpn-service-not-enabled/m-p/309347/highlight/true
                
     
                                    
            So I ended up figuring out the issue this morning, going to say it here just incase someone else runs into issue. Cisco wouldnt show up in login items and oddly that was keeping umbrella from going active. There's a link I found in here to help
https://community.jamf.com/t5/jamf-nation/cisco-secure-client-5-1-0-136-anyconnect-vpn-service-not-enabled/m-p/309347/highlight/true
Yes I keep forgetting that - I had to add them manually as it is not part of their set up - the newer instructions certainly help but they are not perfect but it should get everything working!