
Has anyone been able to create a policy to install Carbon Black?

Are you talking Carbon Black protection or CB response?


CB Defense


@aspears I was able to create my own installer then used it in a policy


@RaulSantos Would you mind sharing how you did that? I'm confused about how to include the company code in the package.


@aspears Inside the dmg there is a hidden folder called docs. There is a script called cbdefense_install_unattended.sh.
Edit the options:

CONFER_INSTALLER="/tmp/pkgname.pkg"
COMPANY_CODE=""

Then create an installer with composer or whatever other pkg utility you prefer. Place the pkg wherever you want. I suggest /tmp/ and have the "cbdefense_install_unattended.sh" be your postinstall script. The company code and installer location.


Ah! thanks, I'll give it a try shortly


@aspears did that achieve your goals?


@RaulSantos For some reason it didn't work for me. I was able to get it to work by creating two policies: one to place/cache the installer in the /tmp folder and the other policy to run cbdefense_install_unattended.sh

  • I will still work on getting your way to work once I get some free time :-)

Create a package, and dump the Carbon Black files to

/private/tmp

so in my package under tmp I have
cbdefense install.pkg
cbdefense uninstall.app
docs
cbdefense_install_unattended.sh

once the files are on the local MacBook
I run a script to install it locally
sudo bash /private/tmp/docs/cbdefense_install_unattended.sh -i "/private/tmp/CbDefense Install.pkg" -c CompanyCode@

so my policy has a .pkg that dumps the payload above, then runs a script for the unattended install.... works very easily.


Hi. We just deployed CB Defense this weekend.

Everything runs in a policy. We stage the installer files as a .pkg in /Users/Shared/CbDefense and then edit the script that comes with the install as follows:

#options
CBD_INSTALLER="/Users/Shared/CbDefense/CbDefenseInstall.pkg"
COMPANY_CODE="<insert code here>"

#optional args
GROUP_NAME="<insert policy here>"

I believe everything else is left default (for us). Your setup may vary.


I create a pkg and place it into a stage folder, then run the install from that location:

#!/bin/bash
# This script installs the Carbon Black 6.1.3 client and will uninstall the old client when applicable

# Created by Jeffrey Conte 1-19-2018


# This will uninstall any previously installed CB agents, remove comment when ready

/Applications/CarbonBlack/sensoruninst.sh

# This will install the Carbon Black client for Macs

/usr/sbin/installer -package "/Library/StageFolder/Packages/Carbon Black_6_1_3/CarbonBlackClientSetup_6_1_3_71222.pkg" -target /

sleep 15

chflags hidden /Applications/CarbonBlack

exit

Anyone ever get the following error?

/Library/Application Support/JAMF/tmp/CB Defense 3.3.1.12: line 428: syntax error near unexpected token `('
/Library/Application Support/JAMF/tmp/CB Defense 3.3.1.12: line 428: ` echo "...OK (user pre-approved)"'

This is after trying to push the included cbdefense_install_unattended.sh


Here is my postinstall script in Composer. If I remember correctly the skip kext had to be used which was causing errors. It's been a while since we did this. Need a # in front of first line and ## in front of second line. Don't know why it deleted them.

!/bin/sh

postinstall

pathToScript=$0
pathToPackage=$1
targetLocation=$2
targetVolume=$3

cd /tmp/cb

sh /private/tmp/cb/docs/cbdefense_install_unattended.sh --skip-kext-approval-check

rm -rf /tmp/cb

exit 0 ## Success
exit 1 ## Failure
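
Added example, not part of the thread and not Carbon Black or Jamf code: several posts above stage the installer in /tmp or /Users/Shared and then run the vendor script as root from a policy. Those locations are writable by any local user, so this wrapper refuses to run unless the staging directory, the installer and the script are regular, root-owned and not writable by group or others. The stage path, file names, environment variables and function names are assumptions; the -i and -c arguments are the ones used in the thread.

```shell
#!/bin/sh
# Added example: pre-flight checks before a root postinstall runs staged files.
# STAGE_DIR, the file names and all function names are assumptions.

STAGE_DIR="${STAGE_DIR:-/private/tmp/cb}"
INSTALLER="${INSTALLER:-$STAGE_DIR/CbDefense Install.pkg}"
SCRIPT="${SCRIPT:-$STAGE_DIR/docs/cbdefense_install_unattended.sh}"
COMPANY_CODE="${COMPANY_CODE:-}"          # placeholder: supply your own code
EXPECTED_OWNER="${EXPECTED_OWNER:-0}"     # uid 0 (root) when run by a policy

# $1 = path, $2 = optional owner uid.
# True only for a regular file (a symlink fails) owned by the expected user
# and not writable by group or others.
staged_file_ok() {
    [ -n "$(find "$1" -maxdepth 0 -type f -user "${2:-$EXPECTED_OWNER}" \
            ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

# Same test for the staging directory, so that other users cannot replace
# the files between the check and the install.
stage_dir_ok() {
    [ -n "$(find "$1" -maxdepth 0 -type d -user "${2:-$EXPECTED_OWNER}" \
            ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

# Runs the vendor script only if every check passes; returns 1 otherwise.
run_install() {
    stage_dir_ok "$STAGE_DIR" ||
        { echo "refusing: unsafe stage dir $STAGE_DIR" >&2; return 1; }
    staged_file_ok "$INSTALLER" ||
        { echo "refusing: unsafe installer $INSTALLER" >&2; return 1; }
    staged_file_ok "$SCRIPT" ||
        { echo "refusing: unsafe script $SCRIPT" >&2; return 1; }
    [ -n "$COMPANY_CODE" ] ||
        { echo "refusing: COMPANY_CODE is empty" >&2; return 1; }
    # Quoted because the installer file name contains a space.
    bash "$SCRIPT" -i "$INSTALLER" -c "$COMPANY_CODE"
}

# Installs only when called with --install, so the file can also be sourced.
if [ "${1:-}" = "--install" ]; then
    run_install && rm -rf "$STAGE_DIR"
fi
```
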