- Jamf Nation Community
- Products
- Jamf Pro
- nxlog deployment security settings
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
nxlog deployment security settings
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
We are rolling out NXLog to our Macs. I have the installer working, but don't have any security info to configure things like PPPC or System Extensions. I was able to manually tick the box for Full Disk Access, but I am still getting an error message saying that im_maces|in NXLog requires Transparency, Consent, and Control (TCC) approval to connect to Endpoint Security.
If I can find the Bundle ID and Identifier, I should be able to roll that info a PPPC configuration profile which will flip the switch to turn on the Full Disk Access during install, so I don't have to manually do that.
Then to clear the error message I am getting above, I likely need a Team Identifier and/or System Extension type for the System Extensions portion of the Configuration Profile in JAMF.
I have checked their website and don't seem to find anything there in the documentation or message boards about any identifier. Is there a way to find this info out by looking on a system that has the software installed?
11 REPLIES 11
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
@VintageMacGuy The Apparency app (https://mothersruin.com/software/Apparency/) should show you the bundle identifier and signing ID for NXLog
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
I grabbed a copy of Apparency and installed it. I used the drag and drop method to take the binary of nxlog from /opt/nxlog/bin/ and try to get Apparency to open it up, but got an error message that says this doesn't appear to be a valid MacOS bundle. It says the extension suggests that it is a bundle, but the contents don't appear to be valid and that the info.plist may be damaged.
Thanks for the pointer to this utility - may come in handy.
Thanks for the pointer to this utility - may come in handy.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
@VintageMacGuy Interesting they're installing a bundle from there as most companies using System Extensions appear to be moving to bundles inside applications installed in /Applications (and I believe that's either an Apple recommendation or soon to be requirement)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
Yeah - it's more of a script.
https://nxlog.co/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
@VintageMacGuy If you do a Show Package Contents on the nxlog binary in the Finder does it show any contents?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
Yes. The contents of nxlog include:
_CodeSignature/CodeResources
Embedded.provisionfile
MacOS/nxlog
_CodeSignature/CodeResources
Embedded.provisionfile
MacOS/nxlog
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
Dropping the MacOS/nxlog file onto Apparency _might_ give you the signing ID/Team Identifier, but I'm not sure about the extension type
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
Thank you! I was able to find the Team Identifier - 6KBH6TBU4P
Waiting for feedback from the developer on the rest.
Waiting for feedback from the developer on the rest.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
@VintageMacGuy If you're trying to allow nxlog as a System Extension you _should_ be able to simply create a System Extension payload with the System Extension Types popup set to Allowed Team Identifiers and with the Team Identifier field set to 6KBH6TBU4P
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago
Thank you! I am going to give that a try later this afternoon and report back.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2 weeks ago - last edited 2 weeks ago
.
