I'm having some difficulty figuring out how to use Casper to install Cylance on every Mac in our organization. I've tried to create a shell script that will run it (not through Casper yet) but when I try on a test Mac it fails.
I have the Cylance.pkg and a cylance_install_token file in the same folder as the script. I copied the verbiage from a larger script that someone in our InfoSeec team had created a while ago to install this and other security software and it works there. Maybe I missed something?
If I can get this script to actually install it then I can go to the next step and figure out how to use Casper to push it out.
!/bin/sh
Cylance AV Client Install
echo "Installing Cylance AV Agent for Mac.
"; echo "Cylance AV Agent Start: " date"
" >> $LOG;
installer -pkg CylancePROTECT.pkg -target LocalSystem echo "Cylance AV Agent Stop: " date"
" >> $LOG; echo "Completed Cylance AV Agent for Mac Installation.
";
The output I get from Terminal is
BUR-JMENDEL4-i:~ jmendel$ /Users/jmendel/Desktop/Cylance Installer/Cylance.sh
Installing Cylance AV Agent for Mac.
/Users/jmendel/Desktop/Cylance Installer/Cylance.sh: line 5: $LOG: ambiguous redirect installer: Error the package path specified was invalid: 'CylancePROTECT.pkg'. /Users/jmendel/Desktop/Cylance Installer/Cylance.sh: line 7: $LOG: ambiguous redirect Completed Cylance AV Agent for Mac Installation.
• Open /private/tmp (On a computer with composer) • Create a folder called "Cylance" (Just a suggestion on name) • Drag the cylancePROTECT.pkg into this new folder. • Create a shell script as suggested (example below) and call it something like "install_cylance_with_token.sh"
• Copy the script into that new directory (/private/tmp/Cylance) • Open Composer • Drag the entire "Cylance" directory into Composer (the "Cylance" folder that you created in /private/tmp/) • Check permissions on everything in that composer list. • Package what you have in composer as a .pkg or a .dmg as you prefer. I see no benefit to having this packaged as a .dmg so... • Upload this new package to Casper Admin with whatever notes and settings you prefer. In all likelihood, this will need to be installed after boot, but I'm not positive.
• Create a policy as described above, using the "execute command" field in "Files and Processes" as described. In the case of my example, that would be:
This is what I've done this morning to check. It's working well for me.
P.S. I did consider simply trying to edit the source of the installer as there seems to be a script in the package where we could stick the token, but this process seems simpler.
@pdinh I am in the same boat with that one. What I have done is create a smart group stating if "Cylance" does not exist. Then add that smart group to an on-going policy that will install Cylance if the computer enters that group. A work around until I hear from cylance or look through the package contents, which may give me a clue.
I was unable to get a custom package working so instead I just used a script. So, my steps were. 1. Download CylancePROTECT.pkg from my Cylance portal. 2. Upload it to my web server 3. Put the script below into Jamf (we use Jamf school) and run it.
Hey people, just wanted to share how it worked for me. My thing was, when I was deploying a pkg as @Chris_Hafner described, Cylance was still asking me for a reg token(even after when Ive run the policy successfully). So my issue was in Files and Processes I have modified and entered the following command,
sudo sh /private/tmp/Cylance/install_cylance_with_token.sh
Hey people, just wanted to share how it worked for me. My thing was, when I was deploying a pkg as @Chris_Hafner described, Cylance was still asking me for a reg token(even after when Ive run the policy successfully). So my issue was in Files and Processes I have modified and entered the following command,
sudo sh /private/tmp/Cylance/install_cylance_with_token.sh
This tread was very useful and I read through it many times but I kept running into issues. Being new to scripting on a MAC I kept getting the error "command not found". Finally reached out to JAMF support and the install shell script was not in plain text, it was rich text. I was not aware that was a thing or how to change it. JAMF support determined that issue and we were able to get Cylance installed. We then ran into the issue of requiring to allow permissions so we had to create a PPPC and allow extension. https://community.jamf.com/t5/jamf-pro/cylance-system-extensions-with-bigsur/m-p/230861
Now I can move on to my next software deployment through JAMF!
• Open /private/tmp (On a computer with composer) • Create a folder called "Cylance" (Just a suggestion on name) • Drag the cylancePROTECT.pkg into this new folder. • Create a shell script as suggested (example below) and call it something like "install_cylance_with_token.sh"
• Copy the script into that new directory (/private/tmp/Cylance) • Open Composer • Drag the entire "Cylance" directory into Composer (the "Cylance" folder that you created in /private/tmp/) • Check permissions on everything in that composer list. • Package what you have in composer as a .pkg or a .dmg as you prefer. I see no benefit to having this packaged as a .dmg so... • Upload this new package to Casper Admin with whatever notes and settings you prefer. In all likelihood, this will need to be installed after boot, but I'm not positive.
• Create a policy as described above, using the "execute command" field in "Files and Processes" as described. In the case of my example, that would be:
This is what I've done this morning to check. It's working well for me.
P.S. I did consider simply trying to edit the source of the installer as there seems to be a script in the package where we could stick the token, but this process seems simpler.
I am trying to package Cylance with the installation token with Composer. I followed your above guide and created a new package. I manually installed the package on the device, but I can't see the app visible under applications. Any idea why this is happening?
