@Chris_Hafner I appreciate your time whenever you can. As per their support article, it's a simple attribute "NoCylanceUI". However, I tried to be cute and add it to your shell script as the following:

#!/bin/sh #!/bin/bash echo PLACE_TOKEN_HERE NoCylanceUI > /private/tmp/Cylance/cyagent_install_token sudo installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target / exit 0

But that didn't work. It installed successfully, obviously, but then was prompted for the install token. So it definitely didn't like my addition to the shell script. Thanks in advance for any help you (or anyone) is able to provide. I've definitely learned that Cylance is a fickle, fickle thing when it comes to installing and uninstalling for both Mac and Windows.

@rosskivowitz I can't test this but from reading the site, I found this within that support article.

The echo command outputs a cyagent_install_token file, which is a text file with one installation option per line

Each installation option must has it's own line so a line break may be needed. Try running this instead

#!/bin/sh

echo 'InstallToken
NoCylanceUI' > /private/tmp/Cylance/cyagent_install_token 
sudo installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target /

exit 0

@fgeronimo Thanks for that. I tried it and it still took some caressing but I was ultimately able to get it working. Thanks for your help as well @Chris_Hafner!

Ross

@rosskivowitz I'm glad that you got it sorted. What was the solution?

@Chris_Hafner To be honest, I think somehow my copy/paste got messed up. I went back and looked at it again last night and I must have tried something funky yesterday. My script is exactly the same as @fgeronimo's, however, when I tried theirs, it prompted me for my install token. I tried it again later on and it worked so I definitely must have messed up the copy/paste which is, needless to say, hard for me to admit. But the following script worked for us:

#!/bin/sh echo 'InstallToken NoCylanceUI' > /private/tmp/Cylance/cyagent_install_token sudo installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target / exit 0

Thanks everyone!

@rosskivowitz It happens to the best of us! Thanks for adding the clarification. This is great info for everyone to have!

@Chris_Hafner I had to come on here just to thank you for the instructions for Cylance to install! I too was having issues which related to simple permissions. After recompiling and uploading back to JSS, it quickly installed on my machine without issues. Thanks again!

@YoshiiZee That's great to hear! I have to admit, I'm loving Cylance and I hope you do as well!

Thanks guys, this thread helped me a lot! I used it to setup and deploy CB Defense (Confer).

Has anyone had any luck with getting the script to work with the most recent release of Cylance? I'm new to JAMF and have had lots of issues with trying to get the script to work properly.

Yep. We've distributed 2.0.1450 to several hundred computers and ran an in-place upgrade for a similar amount. What seems to be the issue?

I'm having a extremely hard time trying to get the script to work properly. The .pkg file I created in Composer finishes successfully though Cylance is not installed. Also, when I run the script (by running "sudo sh /private/tmp/Cylance/install_cylance_with_token.sh") a new file is created that contains the token but the below errors are displayed.

myusername$ sudo sh /private/tmp/Cylance/install_cylance_with_token.sh : command not founde/install_cylance_with_token.sh: line 3: installer: Error trying to locate volume at / : command not founde/install_cylance_with_token.sh: line 6:

I've verified the folder permissions are correct in Composer but still no luck. I'm fairly new to scripting with macOS (and also with JAMF in general) though I copied the script from the original post to verify I didn't miss something.

OK, just to cover all of our bases. Please double check the following. There should be a Directory in /private/tmp called Cylance. This will look like this in Composer (feel free to remove the .DS_Store)

I've screwed this up in the past by changing the name of something... like the installer package itself.

The "install_cylance_with_token.sh" contains the following (note, TOKEN-GOES-HERE should be repalced by your actual token):

#!/bin/sh
#!/bin/bash

echo TOKEN-GOES-HERE > /private/tmp/Cylance/cyagent_install_token 
sudo installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target /

exit 0

The PostInstall script will look just like this:

What appears to be different with what you have?

The post install script was not present, I added it and then from a Terminal ran "sudo sh /Private/temp/Cylance/install_cylance_with_token.sh and it ran without issue. I re-saved the /Private/temp/Cylance/install_cylance_with_token.sh on the device and I just tested it via JAMF.

Thank you for your help, I really appreciate it!!

Hi All - Hoping you can assist

I've created the unattended sh file with the following content

!/bin/sh

!/bin/bash

echo PLACE_TOKEN_HERE > /private/tmp/Cylance/cyagent_install_token sudo installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target /

Packaged into composer and uploaded to jamf. when the command to run the unattended file initiates, it installs cylance and creates a txt file called cyagent_install_token in the location of where the install install pkg is contain the "token" and then Cylance pops up asking to input the token key

I'm I going wrong somewhere, as I would like the token to be entered too during the installation

@Quan.nong Are yous till dealing with this? Sorry, I haven't been following this post very well. I would start looking into permissions but I figured I'd verify you still have the issue first.

@Chris_Hafner Thanks for following up Chris. We've actually parked this solution, due to us renewing our license with Sophos

Did anyone have an issue with the execution script saying "permission denied" when running from /private/tmp/Cylance? The script looks right, but I can't get the script to run...

@cmudgeUWF No, but when I built my Cylance package in Composer I set the package and everything in it to full read/write for everybody. I haven't had any permission issues with it.

I think I managed to figure it out. I got root to have permissions, and it seems to work ok now.

I am able to get Cylance installed correctly, but the pkg also installs an Uninstaller app that I dont want on the users machine. Does anyone know how to remove it?

@pdinh I am in the same boat with that one. What I have done is create a smart group stating if "Cylance" does not exist. Then add that smart group to an on-going policy that will install Cylance if the computer enters that group. A work around until I hear from cylance or look through the package contents, which may give me a clue.

Hope this helps.

@cprimero thats actually pretty smart. i'll have to try that. Thanks for the work around!

I was unable to get a custom package working so instead I just used a script. So, my steps were.
1. Download CylancePROTECT.pkg from my Cylance portal.
2. Upload it to my web server
3. Put the script below into Jamf (we use Jamf school) and run it.

#!/bin/bash

#Make Cylance Directory
mkdir -p /usr/local/bin/cylance

#Go to Cylance directory
cd /usr/local/bin/cylance

#download CylancePROTECT.pkg
curl -LO http://your-web-server/CylancePROTECT.pkg

#Run Cylance Installer
echo replace_with_your_token > /usr/local/bin/cylance/cyagent_install_token
echo VenueZone="replace_with_your_zone" >> /usr/local/bin/cylance/cyagent_install_token
sudo installer -verboseR -dumplog -pkg /usr/local/bin/cylance/CylancePROTECT.pkg -target /

exit 0

How do you deploy CylanceOPTICS,pkg?

Hey people, just wanted to share how it worked for me. My thing was, when I was deploying a pkg as @Chris_Hafner described, Cylance was still asking me for a reg token(even after when Ive run the policy successfully). So my issue was in Files and Processes I have modified and entered the following command,

sudo sh /private/tmp/Cylance/install_cylance_with_token.sh

Rebooted, and agent worked without any issue.

Hey people, just wanted to share how it worked for me. My thing was, when I was deploying a pkg as @Chris_Hafner described, Cylance was still asking me for a reg token(even after when Ive run the policy successfully). So my issue was in Files and Processes I have modified and entered the following command,

sudo sh /private/tmp/Cylance/install_cylance_with_token.sh

Rebooted, and agent worked without any issue.

This tread was very useful and I read through it many times but I kept running into issues. Being new to scripting on a MAC I kept getting the error "command not found". Finally reached out to JAMF support and the install shell script was not in plain text, it was rich text. I was not aware that was a thing or how to change it. JAMF support determined that issue and we were able to get Cylance installed. We then ran into the issue of requiring to allow permissions so we had to create a PPPC and allow extension. https://community.jamf.com/t5/jamf-pro/cylance-system-extensions-with-bigsur/m-p/230861 

Now I can move on to my next software deployment through JAMF!