So I have tried the gamut to try to get PFCTL command to run on start up.
since im not editing/turning off SIP for any machines (especially remote users), its not possible for my to edit com.apple.pfctl
since PFCTL exists in /system/library/launchdeamon and it does NOT have the switch to enable, copying the file to /library/launchdaemon, creating a slightly different name, then appending the switch, does nothing.
i have that process fleshed out, but its always a pid of 1
its been chowned and chmod to hell and back ensuring root:wheel access along with everything up to 755 access.
launchagent is out of the question since it needs SUDO
trying the same thing but calling a script that ive put in the JAMF folder also yields the same results
i keep reading that JAMFs login/logout hook integration with apple isnt working since Apple deprecated the login/logout hook - i assume that means that all scripts that target "at login" no longer actually do that. can someone confirm?
i was thinking of being cheeky and editing the jamfmanagement login hook script itself - it contains about 4 commands, 1 of which is just to check the jssconnection - would that be a possibility?
since its not an app i cant force the "app" to launch on start 😞
or maybe someone here has a creative idea on this process. if i cant use launchd/launcha and jamf/apple login hook, then im utterly lost as to what else i can try.