Covalence from Field Effet won't take the licence that is push

Jsynotte
New Contributor II

I'm attempting to install Covalence from Field effect that is a cyber threat monitoring. I'm trying to install the agent and push the licence from Jamf. I'm following the article they gave us (See "Deploying the Endpoint Agent via Jamf" below). So I push the three configuration profile like they suggest, copy the information from the licence XML file in the Configuration profile like they suggest.

When my test MacBook have receive the configuration profile and can confirm they are there, I push the agent. The installation is completed, but the agent won't take the licence.

I've already created a ticket with Jamf and Field Effect, but I take a chance with the Jamf Nation community

 

Deploying the Endpoint Agent via Jamf

When deploying the Covalence package file (.pkg), the license needs to be distributed prior to installing the Covalence agent using a device configuration profile. 

 

Additionally, you’ll need two other MDM configuration profiles: one for explicitly allowing the system extension, and one to provide it with the TCC Full Disk Access permission.

 

Refer to the official Jamf documentation for an in-depth workflow.

 

For convenience, the following sample configuration profiles (.mobileconfig) have been included with the Covalence installer bundle (.zip package):

  • .\mdm\macos\generic\covalence_license.mobileconfig
  • .\mdm\macos\generic\covalence_sysext.mobileconfig
  • .\mdm\macos\generic\convalence_ttc.mobileconfig

Add the Covalence License

Use the following manuals steps. A Jamf-specific covalence_license.mobileconfig can alternatively be provided.

  1. Go to Configuration Profiles.
  2. Select New.
  3. Set the Name to Covalence macOS License.
  4. Go to Applications & Custom Settings > Upload.
  5. At the Upload screen press the Addbutton and:
    1. Set Preference Domain to com.fieldeffect.covalence
    2. Set the Property List to where [license] is replaced with your license string:

<?xml version="1.0" encoding="UTF-8"?>

        <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

        <plist version="1.0">

            <dict>

                <key>License</key>

                 <string>[license]</string>

            </dict>

        </plist>

Press the Save button in the bottom right corner.

 

Add explicit system extension approval

There is an issue with the covalence_sysext.mobileconfig not uploading properly, use the following manual steps in the interim:

  1. Go to Configuration Profiles.
  2. Select New.
  3. Set the Name to Covalence macOS System Extensions.
  4. Go to System Extensions.
  5. At the Configure System Extensions screen click the Configure button.
  6. Unselect the Allow users to approve system extensions if you don't want users installing agents.
  7. Under Allowed Team IDs and System Extensions:
    1. Set the Display Name to Field Effect Software Inc.
    2. Set the System Extension Types to Allowed System Extensions.
    3. Set the Team Identifier to KSBE8M6M6F.
    4. Under ALLOWED SYSTEM EXTENSIONS click the Addbutton and:
      1. Set the empty field to com.fieldeffect.covalence.esext
      2. Press the Save on the adjacent line
  8. Press the Save button in the bottom right corner.

 

Add explicit TCC approvals

  1. Go to Configuration Profiles
  2. Select New
  3. Set the Name to Covalence macOS Privacy Policies
  4. Go to Privacy Preferences Policy Control
  5. At the Configure Privacy Preferences Policy Control screen press the Configure button
  6. If an App Access group doesn't exist press the + button to add one
  7. Under App Access:
    1. Set the Identifier to com.fieldeffect.covalence
    2. Set the Identifier Type to Bundle ID
    3. Set the Code Requirement to:

 identifier "com.fieldeffect.covalence" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13] and certificate leaf[subject.OU] = KSBE8M6M6F

  1. Unselect Validate the Static Code Requirement if selected.
  2. Click the Add button adjacent to APP OR SERVICE.
  3. Under APP OR SERVICE select SystemPolicyAllFiles.
  4. Under ACCESS select Allow.
  5. Click the Save button on the adjacent line.
  6. Add another App Access group.
    1. Set the Identifier to com.fieldeffect.covalence.esext.
    2. Set the Identifier Type to Bundle ID.
    3. Set the Code Requirement to:

identifier "com.fieldeffect.covalence.esext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13] and certificate leaf[subject.OU] = KSBE8M6M6F

  1. Unselect Validate the Static Code Requirement if selected.
  2. Click the Add button adjacent to APP OR SERVICE.
  3. Under APP OR SERVICE select SystemPolicyAllFiles.
  4. Under ACCESS select Allow.
  5. Click the Save button on the adjacent line.
  6. Press the Save button in the bottom right corner.
1 ACCEPTED SOLUTION

Jsynotte
New Contributor II

Got an answer of Field Effect. Didn't use the JAMF mobileconfig they gave but the generic one and this licence have work. 

View solution in original post

1 REPLY 1

Jsynotte
New Contributor II

Got an answer of Field Effect. Didn't use the JAMF mobileconfig they gave but the generic one and this licence have work.