Jamf Nation Community

Asifahmed · ‎06-08-2023

Hello I need a help to deploy Nexthink collector app on mac through Jamf.

I have .dmg for Nexthink which is having 4 different component, if I copy the .dmg file under /tmp and drag into composer and click on convert into source then shows me 4 components in a separate window, but composer never shows the actual path like /tmp/Nexthink.dmg, still I closed the window and built it as .pkg , but if I run manually on my mac it says incompatiable on this device. Any easy way to deploy Nexthink on mac through Jamf using by .dmg file?

sdagley · ‎06-08-2023

@Asifahmed You should consult the Nexthink docs on deploying via Intune (https://docs.nexthink.com/platform/latest/deploying-collector-on-macos-using-intune) and adapt the script they provide there. There is a separate section in that guide on creating the needed Configuration Profiles in Jamf Pro, so why they don't also provide Jamf Pro specific deployment instructions I don't know.

jamf-42 · ‎06-08-2023

you can always go old school with composer and try building it with a snapshot?

mm2270 · ‎06-08-2023

I wouldn't do this. It's unlikely to work. Nexthink provides a special command line installation tool you can push to the Mac (csi.app) and then call it in a script for a remote installation.

pete_c · ‎06-09-2023

Packaging and deploying the csi.app is what I've done for the last four builds of Nexthink, works fine.

This EA might also be of use:

config="/Library/Application Support/Nexthink/config.json"

if [ -f "$config" ]; then

	VERSION=$(/usr/bin/awk -F\" '/version/ { print $4 }' "$config" )

else

	VERSION="Not Installed"
fi

echo "<result>$VERSION</result>"

kiltedtenor · ‎06-21-2023

Do you have anymore info on how this process is done? I've tried to modify the Intune script to do ti that way, but I think packaging up the csi.app is what I'm going to have to do. I've been able to package it in composer, but I'm not sure I'm deploying it to the right place or if I'm calling it properly with a script to actually run the installation.

mm2270 · ‎06-08-2023

Seconding @sdagley's recommendation on consulting any documentation from Nexthink. I worked with a TM there and they helped me get their agent deployment working properly.

You need to deploy and use the csi.app that's inside the disk image for any kind of remote install. You call that in a script and pass the necessary parameters to it. Their documentation has more information in it on how to do that.

Asifahmed · ‎06-08-2023

But why cant I make it packaged after placing the .dmg into /tmp?

mm2270 · ‎06-08-2023

@Asifahmed I'm not sure I understand your question. It DOES need to be packaged and deployed, but the reality is the only item from the DMG you need to push is the csi.app. The other items are GUI installers/uninstallers and can't be run through an automation script as they weren't designed for that.

Here's what my Nexthink package looks like in Composer.

I'm only pushing the csi.app and the customer key into a folder in /private/tmp/ From there, a post install script (in the Jamf policy, not in the package) runs and references the path to the csi.app and executes it with the necessary flags and settings to do the installation.

Asifahmed · ‎06-09-2023

Ok, After running the .dmg file I copied the csi.app thehn copied to /tmp, and then dragged into composer and built as .pkg, now if I run the script below, I am getting the below.

sudo /private/tmp/csi.app/Contents/MacOS/csi -address Mycompany-prod-engine-1.eu.nexthink.cloud -tcp_port 443

+ macOS Collector Installer/Uninstaller Tool

+ Copyright Nexthink S.A. 2022

Unable to read the json configuration file: /Library/Application Support/Nexthink/config.json

The installation requires an address, and the customer Key.

asif@FVFJ7MNQ1WFV ~ %

What exactly I need to do here? And I am on the correct way for script?

Asifahmed · ‎06-09-2023

BTW, I putted the customer key and it got installed successfully, but still throwing the message that cant read the file

/Library/Application Support/Nexthink/config.json

But this time I mean running the command I can see the config.json file exist.

Any idea why it is throwing such message?

SMR1 · ‎06-09-2023

Would you mind sharing what your post-install script looks like?

mm2270 · ‎06-09-2023

Sure, the below is the script, sanitized to remove some of our URLs and other custom information. Some of the flags we were instructed to use may not apply to your case, so customize it as needed.

Basically almost everything under the ## File paths and variables heading you would need to input your own values.

#!/bin/zsh

## File paths and variables
source_dir="/private/tmp/Nexthink_Install"
installer_path="${source_dir}/csi.app/Contents/MacOS/csi"
key_path="${source_dir}/Nexthink-customer-key.txt"
cloud_url="nexthink-url-here"
pac_url="http://proxy-url.pac"

## Check that required items are in the expected locations
if [[ -e "$installer_path" ]] && [[ -e "$key_path" ]]; then
    ## Installation with required flags
    /bin/echo "Beginning installation..."
	"$installer_path" \
    -address "$cloud_url" \
    -tcp_port 443 \
    -data_over_tcp enable \
    -use_assignment enable \
    -engage enable \
    -ra_execution_policy signed_trusted_or_nexthink \
    -key "$key_path" \
    -anonymize_username disable \
    -windows_focus_time_monitoring enable \
    -user_interaction_time_monitoring enable \
    -anonymize_wifi_network disable \
    -proxy_pac_address "$pac_url"
else
    /bin/echo "Could not start installation. Some required items are missing. Exiting..."
    exit 1
fi

Zman · ‎06-15-2023

All good stuff here. I settled on the Nethink inTune script I hacked up. The one thing I noticed with the latest version 23.4.4.10_1 is they changed the folder structure and the previous extension attributes won't work.

if [ -f "/Library/Application Support/Nexthink/config.json" ] will fail since now they use

"/Library/Application Support/NexthinkVersions/23.4.4.10_1/config.json"

Looks like they will be using the version number for folder name. Just a FYI if you are relying on the EA for any smart group deployments. Still trying to figure out how to work this out without hardcoding since my scripting skills are awful.

mm2270 · ‎06-15-2023

Thanks for this heads up. I have to look, but I don't think we're (yet) using that version, so good to know. I'm not sure why they would have started using a version specific folder now. Doesn't make any sense to me, but whatever.

As for updating an EA, there's several ways to future proof that. You could for example set a variable for the config.json file by doing a find against the general path.

config_json=$(/usr/bin/find /Library/Application\ Support/NexthinkVersions/*/config.json)

Note that the path to search is not double quoted. Find doesn't work with a * wildcard if you double quote the path because it thinks you're looking for a literal asterisk as part of the folder path.

The only gotcha here could be if the Nexthink install leaves behind some older version folders. I really hope it doesn't do that since it would locate all of them and mess up the script. If there's only ever one "NexthinkVersions/<version-number>" path, then the above should work.

sdagley · ‎07-14-2023

@Zman Can you confirm that "/Library/Application Support/Nexthink/" does not exist on your Macs with Nexthink 23.4.4.10_1 installed? We're still running 23.3.3.3_1, and it has the "/Library/Application Support/NexthinkVersions/23.3.3.3_1/" folder but there is also a "/Library/Application Support/Nexthink/" alias to that folder.

GlennFawcett · ‎06-22-2023

Copy .dmg to Jamf, create a package with installation commands, and test on Mac. Contact Jamf support if needed.

Jamf Nation Community

Nexthink deployment