Hi,
I'm using Jamf Pro (10.50.0-t1693149930} and I was wondering if someone can guide me to creating a configuration profile to block or prevent the "InstallDefender" from installing with Office 365. Any other suggestion affective suggestion is welcome.
https://learn.microsoft.com/en-us/deployoffice/mac/preferences-office#excluding-apps
Thanks in advance.
Hi.
Below is the plist that you need.
Create a new profile, give it a name, add the payload "Application & Custom Settings", copy/paste the plist and use the domain "com.microsoft.office", scope in your targets and save.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>InstallDefender</key>
<false/>
</dict>
</plist>
Shannon
After deploying that config profile, I made a smart group of potential SHIM installs of computers enrolled 9.11.23 until the date I noticed the SHIM issue (in my case the 19th). I assigned a policy to that group that runs the script below, which will uninstall that SHIM and run a custom JAMF event to properly install Defender.
#!/bin/bash
#Is Defender Installed
AppCheck=$( if [ ! -e /Applications/Microsoft\\ Defender.app ]; then
echo "Not Installed"
else
echo "App Installed"
fi )
#Check for binary
simCheck=$( command -v mdatp )
# Attempt to confirm full Defender Install
if [ "$AppCheck" == "Not Installed" ]; then
echo "Defender Not Installed"
/usr/local/bin/jamf recon
/usr/local/bin/jamf policy -event ShimFix
elif [ "$AppCheck" == "App Installed" ] && [ "$simCheck" != "/usr/local/bin/mdatp" ]; then
echo "Only Shim Installed"
/bin/rm -fr /Applications/Microsoft\\ Defender.app
/usr/local/bin/jamf recon
/usr/local/bin/jamf policy -event ShimFix
else
echo "Defender fully installed"
fi
Hi.
Below is the plist that you need.
Create a new profile, give it a name, add the payload "Application & Custom Settings", copy/paste the plist and use the domain "com.microsoft.office", scope in your targets and save.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>InstallDefender</key>
<false/>
</dict>
</plist>
Shannon
Thank you of the suggestion, that worked!
Thank you, Daniel, will definitely keep in this in mind. Fortunately, I only had one mac that shim installed, based on the smart group.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.