Posted on 02-22-2021 10:59 AM
Hi All,
I have created the CyberArk config profile with the below info and it got installed successfully.
1) Approved kernel extension with bundle id: DF8U2CCCD8
2) PPPC with the following: Identifier: com.cyberark.CyberArkEPMEndpointSecurityExtension
Code Requirement:
anchor apple generic and identifier "com.cyberark.CyberArkEPMEndpointSecurityExtension" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = DF8U2CCCD8)
Service:
SystemPolicyAllFiles = Allow
3) System Extensions:
It will not work with the Team ID only. In my testing you must add the system extension for this to work.
Team ID: DF8U2CCCD8
Allowed System Ext: com.cyberark.CyberArkEPMEndpointSecurityExtension
I was executing the installer via the below cmd as a script:
sudo /private/tmp/Install\ CyberArk\ EPM.app/Contents/MacOS/CyberArkEPMInstaller -configuration /private/tmp/CyberArkEPMConfiguration.json -installationKey XXXXXXXX -adminUser XYZ -adminPassword XYZ -nonAdminEPMUser
But the policy failed and I received the below error in the logs:
Script result: Could not complete installation on this computer: ExecutionError(executablePath: "/usr/sbin/installer", arguments: Optional(["-pkg", "/private/tmp/Install CyberArk EPM.app/Contents/Resources/CyberArkEPM.pkg", "-target", "LocalSystem"]), terminationStatus: 1, errorMessage: Optional(""))
Remove Endpoint Security extensions
Remove launchd agents
Remove launchd daemons
Remove kext
Remove authorization rights
Failed to restore authorization right 'com.apple.system-extensions.admin': SecurityError(status: -60005 ("The authorization was denied."), additionalInfo: (""))
Remove PAM modules
Remove sudoers settings
Remove files and directories
Remove users and groups
Can anyone please suggest how to sort out this issue?
Thanks
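Added example, not part of the original post and not CyberArk or Jamf code: a Python check that an unsigned .mobileconfig carries the three settings listed above, including the explicit system extension entry rather than the Team ID alone. The sample profile is constructed, REQ is a shortened stand-in for the post's code requirement, and the check assumes all three payloads sit in one profile.

```python
import plistlib

TEAM_ID = "DF8U2CCCD8"  # from the post
EXT_ID = "com.cyberark.CyberArkEPMEndpointSecurityExtension"  # from the post
# Shortened stand-in for the post's code requirement (assumption for this sample).
REQ = f'anchor apple generic and identifier "{EXT_ID}" and certificate leaf[subject.OU] = {TEAM_ID}'

def make_profile(with_extension_entry):
    """Constructed sample profile (not a Jamf export), returned as plist bytes."""
    sysext = {"PayloadType": "com.apple.system-extension-policy",
              "AllowedTeamIdentifiers": [TEAM_ID]}
    if with_extension_entry:
        sysext["AllowedSystemExtensions"] = {TEAM_ID: [EXT_ID]}
    kext = {"PayloadType": "com.apple.syspolicy.kernel-extension-policy",
            "AllowedTeamIdentifiers": [TEAM_ID]}
    tcc = {"PayloadType": "com.apple.TCC.configuration-profile-policy",
           "Services": {"SystemPolicyAllFiles": [
               {"Identifier": EXT_ID, "IdentifierType": "bundleID",
                "CodeRequirement": REQ, "Allowed": True}]}}
    return plistlib.dumps({"PayloadType": "Configuration",
                           "PayloadContent": [sysext, kext, tcc]})

def check_profile(data):
    """Return findings for an unsigned profile; an empty list means all settings are present."""
    content = plistlib.loads(data).get("PayloadContent", [])
    payloads = {p.get("PayloadType"): p for p in content}
    findings = []
    kext = payloads.get("com.apple.syspolicy.kernel-extension-policy", {})
    if TEAM_ID not in kext.get("AllowedTeamIdentifiers", []):
        findings.append("kext: team ID not approved")
    sysext = payloads.get("com.apple.system-extension-policy", {})
    if EXT_ID not in sysext.get("AllowedSystemExtensions", {}).get(TEAM_ID, []):
        findings.append("sysext: extension not listed for team ID")
    tcc = payloads.get("com.apple.TCC.configuration-profile-policy", {})
    entries = [e for e in tcc.get("Services", {}).get("SystemPolicyAllFiles", [])
               if e.get("Identifier") == EXT_ID]
    if not entries:
        findings.append("pppc: no SystemPolicyAllFiles entry for extension")
    for e in entries:
        if not (e.get("Allowed") is True or e.get("Authorization") == "Allow"):
            findings.append("pppc: SystemPolicyAllFiles not set to Allow")
        if TEAM_ID not in e.get("CodeRequirement", ""):
            findings.append("pppc: code requirement does not pin team ID")
    return findings

if __name__ == "__main__":
    for flag in (False, True):
        print(flag, check_profile(make_profile(flag)))
```

A signed profile is CMS-wrapped and has to be unwrapped before plistlib can read it.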
Posted on 04-01-2021 09:15 AM
@Kapil did you ever get this sorted? I will be needing to do this as well... The only thing I can think of with your question at the end there is to push the PKG via JAMF vs a script. You could try building the pkg in Composer and inserting the scripting commands into the pkg as pre/post flights.
Posted on 09-07-2021 12:06 PM
Npotter229 Sorry about the late reply. Yes, I found the fix and deployed successfully to all users (Big Sur and Catalina OS) from JAMF. I just did it the same way as above: packaged the CyberArk and CyberArkEPMConfiguration.json file in a private/temp folder and then added a separate script in the policy as below
sudo /private/tmp/Install\ CyberArk\ EPM.app/Contents/MacOS/CyberArkEPMInstaller -configuration /private/tmp/CyberArkEPMConfiguration.json -k (installationKey) -withoutPwdRotation
Try this and it will work fine without any issues. Thanks
Posted on 09-10-2024 08:53 AM
Another thing: does downloading the Mac agent from a Windows PC cause problems? So I've just connected to the EPM SaaS to d/l again directly on my Mac and then send it to my packaging colleague over Teams.