Skip to main content

I'm having some difficulty figuring out how to use Casper to install Cylance on every Mac in our organization. I've tried to create a shell script that will run it (not through Casper yet) but when I try on a test Mac it fails.



I have the Cylance.pkg and a cylance_install_token file in the same folder as the script. I copied the verbiage from a larger script that someone in our InfoSeec team had created a while ago to install this and other security software and it works there. Maybe I missed something?



If I can get this script to actually install it then I can go to the next step and figure out how to use Casper to push it out.



!/bin/sh



Cylance AV Client Install



echo "Installing Cylance AV Agent for Mac.
";
echo "Cylance AV Agent Start: " date"
" >> $LOG;
installer -pkg CylancePROTECT.pkg -target LocalSystem
echo "Cylance AV Agent Stop: " date"
" >> $LOG;
echo "Completed Cylance AV Agent for Mac Installation.
";



The output I get from Terminal is



BUR-JMENDEL4-i:~ jmendel$ /Users/jmendel/Desktop/Cylance Installer/Cylance.sh
Installing Cylance AV Agent for Mac.



/Users/jmendel/Desktop/Cylance Installer/Cylance.sh: line 5: $LOG: ambiguous redirect
installer: Error the package path specified was invalid: 'CylancePROTECT.pkg'.
/Users/jmendel/Desktop/Cylance Installer/Cylance.sh: line 7: $LOG: ambiguous redirect
Completed Cylance AV Agent for Mac Installation.



BUR-JMENDEL4-i:~ jmendel$

@pdinh I am in the same boat with that one. What I have done is create a smart group stating if "Cylance" does not exist. Then add that smart group to an on-going policy that will install Cylance if the computer enters that group. A work around until I hear from cylance or look through the package contents, which may give me a clue.



Hope this helps.

@cprimero thats actually pretty smart. i'll have to try that. Thanks for the work around!

I was unable to get a custom package working so instead I just used a script. So, my steps were.
1. Download CylancePROTECT.pkg from my Cylance portal.
2. Upload it to my web server
3. Put the script below into Jamf (we use Jamf school) and run it.



#!/bin/bash



#Make Cylance Directory

mkdir -p /usr/local/bin/cylance



#Go to Cylance directory

cd /usr/local/bin/cylance



#download CylancePROTECT.pkg

curl -LO http://your-web-server/CylancePROTECT.pkg



#Run Cylance Installer

echo replace_with_your_token > /usr/local/bin/cylance/cyagent_install_token

echo VenueZone="replace_with_your_zone" >> /usr/local/bin/cylance/cyagent_install_token

sudo installer -verboseR -dumplog -pkg /usr/local/bin/cylance/CylancePROTECT.pkg -target /



exit 0

How do you deploy CylanceOPTICS,pkg?

Hey people, just wanted to share how it worked for me. My thing was, when I was deploying a pkg as @Chris_Hafner described, Cylance was still asking me for a reg token(even after when Ive run the policy successfully). So my issue was in Files and Processes I have modified and entered the following command,



sudo sh /private/tmp/Cylance/install_cylance_with_token.sh



Rebooted, and agent worked without any issue.

Hey people, just wanted to share how it worked for me. My thing was, when I was deploying a pkg as @Chris_Hafner described, Cylance was still asking me for a reg token(even after when Ive run the policy successfully). So my issue was in Files and Processes I have modified and entered the following command,



sudo sh /private/tmp/Cylance/install_cylance_with_token.sh



Rebooted, and agent worked without any issue.

This tread was very useful and I read through it many times but I kept running into issues. Being new to scripting on a MAC I kept getting the error "command not found". Finally reached out to JAMF support and the install shell script was not in plain text, it was rich text. I was not aware that was a thing or how to change it. JAMF support determined that issue and we were able to get Cylance installed. We then ran into the issue of requiring to allow permissions so we had to create a PPPC and allow extension. https://community.jamf.com/t5/jamf-pro/cylance-system-extensions-with-bigsur/m-p/230861 

 

Now I can move on to my next software deployment through JAMF!

@jonathanla Try this



• Open /private/tmp (On a computer with composer)
• Create a folder called "Cylance" (Just a suggestion on name)
• Drag the cylancePROTECT.pkg into this new folder.
• Create a shell script as suggested (example below) and call it something like "install_cylance_with_token.sh"



#!/bin/sh

#!/bin/bash



echo PLACE_TOKEN_HERE > /private/tmp/Cylance/cyagent_install_token 

sudo installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target /



exit 0


• Copy the script into that new directory (/private/tmp/Cylance)
• Open Composer
• Drag the entire "Cylance" directory into Composer (the "Cylance" folder that you created in /private/tmp/)
• Check permissions on everything in that composer list.
• Package what you have in composer as a .pkg or a .dmg as you prefer. I see no benefit to having this packaged as a .dmg so...
• Upload this new package to Casper Admin with whatever notes and settings you prefer. In all likelihood, this will need to be installed after boot, but I'm not positive.
• Create a policy as described above, using the "execute command" field in "Files and Processes" as described. In the case of my example, that would be:



/private/tmp/Cylance/install_cylance_with_token.sh


This is what I've done this morning to check. It's working well for me.



P.S. I did consider simply trying to edit the source of the installer as there seems to be a script in the package where we could stick the token, but this process seems simpler.



Hi @Chris_Hafner 

I am trying to package Cylance with the installation token with Composer. I followed your above guide and created a new package. I manually installed the package on the device, but I can't see the app visible under applications. Any idea why this is happening?

Terms & ConditionsCookie settings