Posted on 12-12-2023 06:28 AM
Since the JAMF Cloud update over the weekend, I see all clients now have the JAMF Remote assistant binaries / apps etc installed and a launchdeamon running..
We do not have it enabled in JAMF.
We cannot have remote access apps / binaries installed without testing and passing security etc.
There is no way to disable this 'functionality' of auto installing (I've asked)
There are no official uninstall processes at the moment (I've asked)
This is a very very bad idea installing this automatically.
Posted on 12-12-2023 07:12 AM
I have noticed that JAMF Clouds patching leaves a bit to be desired. Notification of date happens literally the day before the patches. My org wants notifications for changes in the week before they happen. Heck, I just need to know the week so I know when to submit the request, I can set time windows later. I ask my reps about a possibility for earlier notifications and get no response.
I get needing to beta test, but not all of us have time for that.
Posted on 12-12-2023 08:24 AM
They announce it 2 to 3 weeks before the update is sent out here is the link for the upgrade to 11.1.https://community.jamf.com/t5/release-info/jamf-pro-11-1-now-available/ta-p/303281
Posted on 12-12-2023 07:19 AM
@jamf-42 I don't disagree that being able to selectively enable/disable Jamf Remote would be appropriate, but if you want control over what version of Jamf Pro you're running you should sign up for Jamf Premium Cloud which offers that option (among other things very useful for enterprise type environments).
Posted on 12-12-2023 07:36 AM
@sdagley yup.. fully aware of J Prem Cloud.. but that only would delay the issue.. and not provide required updates.. PI fixes.. I note that the installer for jamf remote assist is here in /Library/Application Support/JAMF/Jamf.app/Contents/MacOS/JamfDeamon.app/Contents/Resources/JamfRemoteAssist.pkg
ugh..
12-12-2023 07:51 AM - edited 12-12-2023 07:52 AM
I was going to reply that I'd hope a year was long enough to get approval for Jamf Remote Assistant (or get Jamf to make its installation an optional event) since that was what I remember Jamf Premium Cloud offering originally but the current spec sheet states "Choose and upgrade to any current or past two versions". I know we've gone more than two versions without updating in the past so if there is a hard limit of two versions now that's an unfortunate change.
You could always use a Software Restriction (or any other tool you've got deployed for process control) to prevent the Remote Assist process from running.
Posted on 12-12-2023 07:54 AM
I need it all gone from all devices.. so far the answer is 'you can write a script' I really don't have time to engineer a fix to something that should never happen..
Posted on 12-12-2023 08:39 AM
So, you can't disable the LaunchDaemon? I would imagine turning that off would stop the rest of the functionality, but I have no hands on experience with this new thing yet, so I'm only guessing. I'm not on the latest cloud release yet, so I haven't run into it yet.
That being said, I DO agree with you that it's highly presumptuous of Jamf to just auto install this on each machine. There needs to be some GUI control over this in the Jamf Pro interface. I mean, heck, they let us control whether something like Self Service is even pushed to any enrolled computers, which is a considerably less concerning tool than something that allows for remote assistance or remote access. Lots of environments need to vet things like this and get approval to use them. I'm surprised Jamf is just rolling this out like that with no control over if/when it gets installed. If this is supposed to be their answer to the defunct Jamf Remote.app, then we had control over whether that was enabled for us in each environment as well. This new tool needs to follow the same enablement process.
Posted on 12-12-2023 09:11 AM
In looking at the pkg with Suspicious Package there is an uninstall script in the pkg Here is the script I founf in it
12-12-2023 09:16 AM - edited 12-12-2023 09:19 AM
yup.. seen all that.. and if you run, it fails.. there is no /Library/Application\ Support/grapplemdm/
and thats only for /Library/Application Support/JamfRemoteAssist/11.1.1-t1701704198
much more is lurking in /Library/Application Support/Remote Assist
including Install Uninstall and Wipe binaries..
Posted on 12-12-2023 09:32 AM
Well I thought i found a solution guess not. I have ours enabled we had Jamf Remote, ARD, and screen sharing already approved so this was easy since it is just essentially a screen sharing utility from what I can gather. Good luck!
Posted on 01-10-2024 08:56 PM
We had a device with Remote Assist chewing 95% CPU and its process running for 35 hours.
Spoke to support and they provided the details below. You might need to create an extension attribute to detect that it is installed as its not in the application folder/appear in inventory.
To Uninstall
sh "/Library/Application Support/JAMF/Remote Assist/Uninstall"
To Install
/usr/sbin/installer -pkg "/Library/Application Support/JAMF/Jamf.app/Contents/MacOS/JamfDaemon.app/Contents/Resources/JamfRemoteAssist.pkg" -target /