I know there are already a number of discussions about deploying AnyConnect, but I haven't seen anything regarding my situation exactly. Here's what I'm doing:
I open Jamf Composer and drop the AnyConnect .pkg file into the left side pane.
I choose "Convert To Source."
I save as a package.
I move the package to JSS via Jamf Admin.
I set up the Policy and point it to the Package using the Jamf Cloud.
I test on a dummy MacBook running Self Service. The installer "runs" but only drops the package in the root folder of the HD.
I cannot get the installer to actually run and install the application in the way that it does for every other app I've set up in Composer.
Once this is resolved I will also need to package an XML file with our VPN server's information, but that seems to be well documented in the forums here.
You don't need to create a custom package to add an XML config file.
You will have a painful process to create again the package after each AnyConnect update (while it is likely that your config file don't change frequently).
Alternatively you can keep original AnyConnect.pkg and include it in JSS. You will update it after each Cisco update.
In the meantime you create a AnyConnectSettings.pkg and included it in JSS (using a postinstall script).
The SelfService policy will first install Cisco package then the settings package.
In addition to reducing maintenance load it will also avoid to sign Cisco's package with you own DeveloperID.
On a security point of view this is a weakness because you 'whitelist' any package with your own corporate signature, bypassing Apple's trust chain for original provider.
I appreciate the tips, but we may have to back way up to see what I'm doing wrong. I've attempted to create this package many, many, many different ways. Each time, after adding the policy to Self Service and pointing it to my package I get one of three things.
1/ an install the finishes and drops a package named AnyConnect.pkg into the "Macintosh HD/" root folder
2/ an install that finishes but as far as I can tell does absolutely nothing
3/ an install that gives me an error
Every other package I've build I simply drag the .pkg or .dmg file (or even the installed app after installing on my dummy computer) into Composer, click "Convert to Source," and then choose that source and select "Build as PKG." Then I upload that package to my JSS. What is different about Composer that won't let me do this?
@derek.ritchison , try dropping the original AnyConnect.pkg that you haven't edited in any way straight into Jamf Admin. Don't do anything in Composer yet. Some .pkg files work this way, although I'm not well-versed enough to understand or explain the difference between those that do and those that don't. Add that .pkg to a policy and see if you can get it to install on your test machine.
I am not familiar with the process with AnyConnect but I'm guessing you can create a package via Composer after the fact that just includes your XML file and stick it in whatever directory you need. Pair that with your untouched .pkg into one single policy so they run at the same time and you might be golden. Sounds like the two previous posters understand the process much better than I but it seems like you may be confused about the ability to drag some .pkg's straight into Jamf Admin so there's my two cents.
Best of luck!