Help

Jamf Pro 10 & Microsoft Intune Integration: Hiding Microsoft Company Portal.app post-installation

dan-snelson
Valued Contributor II

Posted on ‎07-17-2018 11:53 AM

In our integration testing of Jamf Pro and Microsoft Intune, we've had a handful of users directly launch the Microsoft Company Portal after it was installed.

Since users will need to launch the Company Portal app from Jamf Self Service for macOS to register their ..., we're testing out the following Files and Processes > Execute Command to hide the Company Portal.app after its installed:

/usr/bin/chflags hidden /Applications/Company Portal.app/ ; /bin/sleep 30 ; /usr/bin/sqlite3 $(/usr/bin/sudo find /private/var/folders -name com.apple.dock.launchpad)/db/db "DELETE FROM apps WHERE title='Company Portal';" && /usr/bin/killall Dock

753fcf1320a14ccebb9041cfb93e1d6d

Also, we've observed that the version of Microsoft AutoUpdate bundled with the Company Portal installer is out-of-date, so we're installing Microsoft_AutoUpdate_4.1.18070902_Updater.pkg right after Microsoft Company Portal-1.5.pkg is installed.

Reply
8 REPLIES 8

ThijsX
Valued Contributor
Valued Contributor

Posted on ‎07-17-2018 01:22 PM

Cool. Thanks for sharing @dan.snelson hits the like button booyah

0 Kudos
Reply

KyleEricson
Valued Contributor II

Posted on ‎07-17-2018 01:24 PM

Why are you hiding? I have two policies one to install the Company Portal.pkg and then the built-in JAMF policy to register the device via Self Service.

Read My Blog: https://www.ericsontech.com
0 Kudos
Reply

dan-snelson
Valued Contributor II

Posted on ‎07-17-2018 01:38 PM

@kericson We're trying to prevent users from launching Company Portal outside of Self Service.

0 Kudos
Reply

dan-snelson
Valued Contributor II

Posted on ‎08-31-2018 07:41 AM

The following update for Mojave will disable:
System Preferences > Dock > Show recent applications in Dock

/usr/bin/chflags hidden /Applications/Company Portal.app/ ; /bin/sleep 30 ; /usr/bin/sqlite3 $(/usr/bin/sudo find /private/var/folders -name com.apple.dock.launchpad)/db/db "DELETE FROM apps WHERE title='Company Portal';" ; /usr/bin/su - "`/usr/bin/stat -f%Su /dev/console`" -c "/usr/bin/defaults write com.apple.dock show-recents -bool NO" && /usr/bin/killall Dock
0 Kudos
Reply

patgmac
Contributor III

Posted on ‎09-24-2018 11:40 AM

@dan.snelson that completely disables recent apps, correct? Not just Company Portal?

0 Kudos
Reply

dan-snelson
Valued Contributor II

Posted on ‎09-24-2018 11:43 AM

Correct, @patgmac … got a slick trick to remove just Company Portal from recent apps? (I poked around com.apple.dock.plist for a bit and would love to hear your approach.)

0 Kudos
Reply

patgmac
Contributor III

Posted on ‎09-24-2018 12:18 PM

@dan.snelson I don't (haven't checked), was just confirming before I went this route. Thanks for the tip!

0 Kudos
Reply

hansjoerg_watzl
Contributor II

Posted on ‎11-30-2018 01:02 AM

We also have the problem, that many users are not reading our guide and trying to register with Company Portal directly from the applications folder and not with Self Service.

We then tried to play with restricted software (block Company Portal as long as you're not registered). This would be the perfect solution, as users are not able to run Company Portal before registering with Self Service, but after the register, they can use Company Portal for checking their state.
Unfortunately this does not work, as Self Service is just starting Company Portal from the local Mac and this triggers the restriction rule. It seems Self Service only allows restricted programs, when they are started from inside a Self Service package.

It would be great, if JAMF could change this in the future, so any apps which are started from Self Service (but are already located on the local device) would not be blocked by the restriction rule. This would give us many more possibilities...

Reply