Skip to main content

Can anyone help me with the script for removing SEP in JAMF? My script skills are not that good. I'm more of a copy and paste guy.



This link seems to have the best info.
https://knowledge.broadcom.com/external/article?legacyId=TECH103489



I have downloaded the SymantecRemovalTool modification zip provided at the bottom of the page. I then view the command via Xcode copy and paste it into a new script create in Jamf. Next, I create a Policy including the script. The policy fails with a script exit code:4



The below step I don't follow. Is anyone willing to share their Policy? (Pics of Policy would be awesome so I know what is meant by a dummy script)



**Symantec provides support for SymantecRemovalTool/RemoveSymantecMacFiles only when running them locally; it is the customer's responsibility to integrate SymantecRemovalTool with Apple Remote Desktop or other remote deployment tools.



Both of these tools require no arguments. Any arguments they receive are each assumed to be potential installation points for Symantec products. Remote deployment solutions (Casper, JAMF, et al) that automatically populate shell script arguments ($1, $2, etc) with other data may cause the Symantec tool to throw an error. To work around this, the remote deployment solution may be configured to call first a dummy script that in turn calls the removal tool without any extra arguments.**

Create a package that places the script locally, say in /tmp for example. Then create a policy that installs the package and then executes the following command from the Files and Processes payload...



/private/tmp/SymantecRemovalTool.command

Thanks for the help. I had issues getting your method to work. I'm sure it was on my end. I ended up using this script using this link.
https://gist.github.com/rderewianko/6aa0032f19e57b595e0fdae4470f6286

Can anyone tell me if this script(the one provided in the GitHub link) also removes ALL Symantec products or if it just removes SEP? We utilize other Symantec products in our environment like the WSS agent and DLP and need those to remain.

whats the point having JAMF if we have to go though all this pain by ourselves

I create a script with



rm -r /private/var/tmp/SymantecRemovalTool
mkdir /private/var/tmp/SymantecRemovalTool
/bin/cat >/private/var/tmp/SymantecRemovalTool/SymantecRemovalTool.command <<"EOF"
<Here goes the SymantecRemovalTool.command script from symantec>
EOF
chmod +x /private/var/tmp/SymantecRemovalTool/SymantecRemovalTool.command



Then create a policy with this script payload with Before option selected, and a File and Process payload with running the command
/private/var/tmp/SymantecRemovalTool/SymantecRemovalTool.command && rm -r /private/var/tmp/SymantecRemovalTool



So this policy creates the Script in a temp folder, then runs as root and then clears its directory.
With Catalina and Later OS, and SEP 14.3 the user has to approve the removal of the system extension.



Also packaging is an option, but sometimes our good old SEP blocks pkg downloads from our https distribution point. So script way is a better option for us.

Content backfill required
Content backfill required
Content backfill required

Yuk !! where is the txt file ?


Shoot me an email and I can attach it.  It's too many characters to fit in the source code box.  swallace@mckinneyisd.net

Can you please send me a txt file so I can try this script? Thank you so much!


If you'll send me an email, I'm happy to attach it.  I can't fit it in the source code box here.  swallace@mckinneyisd.net

Content backfill required

https://knowledge.broadcom.com/external/article/151387

Reply


Terms & ConditionsCookie settings