@bmarks][/url][/url][/url
I would use Apple Installer's ChoiceChangesXML.
To disable default installation of the WebSecurity module, make a ChoiceChangesXML file that deselects the websecurity choice:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<dict>
<key>attributeSetting</key>
<integer>0</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_websecurity</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_vpn</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_dart</string>
</dict>
<dict>
<key>attributeSetting</key>
<integer>1</integer>
<key>choiceAttribute</key>
<string>selected</string>
<key>choiceIdentifier</key>
<string>choice_posture</string>
</dict>
</array>
</plist>
While the vpn, dart, and posture choices are selected above, their dictionaries may be omitted entirely if not deselecting them – installer will just use the defaults, which is to install those bits.
Then, run the installer specifying the ChoiceChangesXML:
sudo installer -pkg AnyConnect.pkg -target / -applyChoiceChangesXML someChoiceChanges.plist
If there's a plan on running a GUI installer, you can also optionally "gray-out" or disable a choice; or make it invisible altogether using the enabled and visible choiceIdentifiers. To see all the options, run:
installer -showChoiceChangesXML -pkg AnyConnect.pkg
As for ACTtransforms.xml, it is useful for deploying customized AnyConnect installations via ASA. The Adaptive Security Device Manager (ASDM) ingests the file to enable the ASAs to deploy AnyConnect with the options specified. Examples are in the AnyConnect downloads area once logged-in to cisco.com with a CCO account.