Posted on 01-22-2021 08:43 AM
After a LOT of head banging, I finally am able to deploy Malwarebytes Endpoint Agent to computers via JAMF. I wanted to share to help others who may be looking for assistance. Please feel free to tweak any of this as there may be better ways, but this worked for me.
FYI … this is the deployment method that worked for me in JAMF
1) Log in to the Malwarebytes Nebula platform.
2) Go to Downloads.
3) In the Mac section, click Download to download the Mac Endpoint Installer to your local device.
4) For JAMF the brackets [ ] are incompatible, replace the PKG filename brackets to an underscore enclosing the account token.
File name downloaded Setup.MBEndpointAgent[xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx]_.pkg
New file name Setup.MBEndpointAgent__xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx__.pkg*
5) Upload the renamed package to JAMF
6) Upload & Scope “Malwarebytes KEXT Whitelist”
7) Upload & Scope “Privacy Settings Whitelist - Malwarebytes Protection”
8) Create script to register the installation with Nebula
#!/bin/sh
cd /Library/Application Support/Malwarebytes/Malwarebytes Endpoint Agent/EndpointAgentDaemon.app/Contents/MacOS/
sudo ./EndpointAgentDaemon ACCOUNTTOKEN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
sudo launchctl stop com.malwarebytes.agent.daemon
sudo launchctl start com.malwarebytes.agent.daemon
exit
9) Create & Scope a Policy to Install the package & run the script (set script to run AFTER)
10) Deploy
Posted on 01-22-2021 11:56 AM
Thanks for posting. I believe you'll want to remove the "sudo"s from the script for best results, since it will run as a Jamf policy.
Posted on 03-04-2021 03:39 AM
Not exactly sure why but I'm getting an exit code of 139 using this script
Posted on 03-24-2021 05:58 AM
Malwarebytes uninstall script anything is available?
Posted on 07-24-2022 12:58 PM
Thanks for posting!
Where do you get the below info?
EndpointAgentDaemon ACCOUNTTOKEN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Thanks!
Posted on 07-24-2022 01:04 PM
Specifically, where do you get the "accounttoken"?
Posted on 11-09-2022 02:04 PM
The account token is in the filename. It is all the "x"'s