- Jamf Nation Community
- Products
- Jamf Pro
- Re: Cisco Secure Client 5.0.04032 Install with Cho...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Cisco Secure Client 5.0.04032 Install with Choice XML for Umbrella and Dart portions only
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-14-2023 11:50 AM
Everything I'm reading states we should be able to deploy the anyconnect package with only the Umbrella and Dart portions. We don't need the VPN (if this is needed we can still deploy it) or any of the other pieces. But the xml I am trying to deploy keeps failing. I am also using a script. Any assistance would be appreciated.
Choices XML:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<dict>
<key>childItems</key>
<array>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string>Installs the module that enables VPN capabilities.</string>
<key>choiceIdentifier</key>
<string>choice_anyconnect_vpn</string>
<key>choiceIsEnabled</key>
<false/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>59950</integer>
<key>choiceTitle</key>
<string>AnyConnect VPN</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Cisco%20Secure%20Client%205.0.04032/Cisco%20Secure%20Client.pkg#vpn_module.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string>Installs the module that downloads and deploys AMP for Endpoints, as configured by the administrator.</string>
<key>choiceIdentifier</key>
<string>choice_fireamp</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>0</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>1357</integer>
<key>choiceTitle</key>
<string>AMP Enabler</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Cisco%20Secure%20Client%205.0.04032/Cisco%20Secure%20Client.pkg#fireamp_module.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string>Installs the module that collects Cisco Secure Client troubleshooting information.</string>
<key>choiceIdentifier</key>
<string>choice_dart</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>10060</integer>
<key>choiceTitle</key>
<string>Diagnostics and Reporting Tool</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Cisco%20Secure%20Client%205.0.04032/Cisco%20Secure%20Client.pkg#dart_module.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string>Installs the module that provides the Cisco Secure Client with the ability to identify the operating system, antivirus, antispyware, and firewall software installed on the host prior to creating a remote access connection to the secure gateway.</string>
<key>choiceIdentifier</key>
<string>choice_secure_firewall_posture</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>0</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>57974</integer>
<key>choiceTitle</key>
<string>Secure Firewall Posture</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Cisco%20Secure%20Client%205.0.04032/Cisco%20Secure%20Client.pkg#posture_module.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string>Installs the module that provides the Cisco Secure Client with the functionality needed to authenticate to wired or wireless networks controlled by the Identity Services Engine, including examination and any needed remediation of the connecting host environment.</string>
<key>choiceIdentifier</key>
<string>choice_iseposture</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>0</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>8314</integer>
<key>choiceTitle</key>
<string>ISE Posture</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Cisco%20Secure%20Client%205.0.04032/Cisco%20Secure%20Client.pkg#iseposture_module.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string>Installs the Network Visibility Module which collects application telemetry data.</string>
<key>choiceIdentifier</key>
<string>choice_nvm</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>0</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>22175</integer>
<key>choiceTitle</key>
<string>Network Visibility Module</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Cisco%20Secure%20Client%205.0.04032/Cisco%20Secure%20Client.pkg#nvm_module.pkg</string>
</array>
</dict>
<dict>
<key>childItems</key>
<array/>
<key>choiceDescription</key>
<string>Installs the module that enables Umbrella.</string>
<key>choiceIdentifier</key>
<string>choice_secure_umbrella</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>20177</integer>
<key>choiceTitle</key>
<string>Umbrella</string>
<key>pathsOfActivePackagesInChoice</key>
<array>
<string>file://localhost/Volumes/Cisco%20Secure%20Client%205.0.04032/Cisco%20Secure%20Client.pkg#umbrella_module.pkg</string>
</array>
</dict>
</array>
<key>choiceIdentifier</key>
<string>__ROOT_CHOICE_IDENT_Cisco Secure Client</string>
<key>choiceIsEnabled</key>
<true/>
<key>choiceIsSelected</key>
<integer>1</integer>
<key>choiceIsVisible</key>
<true/>
<key>choiceSizeInKilobytes</key>
<integer>0</integer>
<key>choiceTitle</key>
<string>Cisco Secure Client</string>
<key>pathsOfActivePackagesInChoice</key>
<array/>
</dict>
</array>
</plist>
/usr/sbin/installer -applyChoiceChangesXML /private/tmp/anyconnect_choices.xml -pkg /private/tmp/Cisco\ Secure\ Client.pkg -target /
/bin/rm -rf /private/tmp/Cisco\ Secure\ Client.pkg
/bin/rm -rf /private/tmp/anyconnect_choices.xml
17 REPLIES 17
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-14-2023 12:15 PM
I think you’ve got more in your choices file than necessary. Try editing it down like this instead:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>com.example.app.choice1</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>com.example.app.choice2</string>
</dict>
</array>
</plist>
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2023 05:21 AM - edited 08-15-2023 05:21 AM
Normally its just the VPN people want, not the other stuff. You can expand the package and amend the choice file which normally works. follow the stuff in the link and you should get it working:
Installing Components of Cisco AnyConnect 4.7 - Jamf Nation Community - 173802
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2023 09:10 AM - edited 08-15-2023 09:27 AM
For years I have been messing with custom XML's and custom packages to install Cisco I recently found it's easier to install the full package and running script afterwards to uninstall the stuff you don't want.
This also makes it easier when new versions come out. No XMLs or packages to rebuild.
#!/bin/bash
/opt/cisco/secureclient/bin/amp_uninstall.sh
/opt/cisco/secureclient/bin/iseposture_uninstall.sh
# /opt/cisco/secureclient/bin/websecurity_uninstall.sh
exit 0
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-24-2024 01:08 PM
Hey thanks for this, we're switching in a panic from Ivanti and this was very helpful, looks like the best way to maintain going forward.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-15-2024 02:26 PM
I'd like to go this route but we don't need the VPN functionality and I can't figure out how to disable that once it's installed. I see it can be uninstalled, but we're using Umbrella and it needs to be in place for that. Any suggestions?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-15-2024 04:10 PM
Someone asked that I update this script a few months ago, so it should still work. It'll create a package of whatever installer you give it and let you pick which choices to enabled/disable.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-16-2024 10:01 AM
Thanks. I may use this. I liked the idea of being able to do future updates without having to create a package each time, but at least this would be less painful.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-16-2024 10:16 AM
I'd forgotten about this script I'd made a while back.
You can add it to Jamf Pro and then add it to a policy that includes your package. It'll create the choices file for you on the computer and then call it when installing.
https://gist.github.com/talkingmoose/3926e86332e32eb7d05a161c3f7e8f69
It would eliminate the need to keep repackaging the installer.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-16-2024 10:58 AM
Ok that is fancy. I think I'll modify it to use Jamf parameters. Thanks.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-16-2024 01:01 PM
I modified it a bunch to have it generate the ACTransforms.xml file to disable the VPN and to create the OrgInfo.json file for Umbrella and it worked great. Thank you!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-15-2023 09:23 AM
Not that anyone has the time, but it would be interesting to see what deploys quicker. A customized package with xml, or just deploying it all and removing it like @dmccluskey does.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-16-2023 10:08 AM
I went the uninstall method as well.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-21-2023 07:12 AM
Curious if you made any progress on getting the xml to work. Ive tried to get the xml to work to just install only the vpn and running into issues.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-01-2023 12:40 PM
This is what worked for me as of today
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_vpn</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_websecurity</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_fireamp</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_dart</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_posture</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_iseposture</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_secure_umbrella</string>
</dict>
</array>
</plist>
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-15-2023 12:15 AM - edited 11-15-2023 12:34 AM
Hello All,
Did You know the name of "AMP Activator" attribute in the XML File ?
Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-15-2023 12:17 AM
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_anyconnect_vpn</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_fireamp</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_dart</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_secure_firewall_posture</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_iseposture</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_nvm</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_secure_umbrella</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_thousandeyes</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>__ROOT_CHOICE_IDENT_Cisco Secure Client</string>
</dict>
</array>
</plist>this is mine and Works fine ( Ver 5.0.05040 )
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-20-2023 11:57 AM
does anyone know the installation script for jamf
