Pulse Secure host checker?

dlprentice
New Contributor III

Hi Guys,

We are getting ready to deploy Pulse Secure to our Mac systems. Is there recommended process that host checker should look for to verify a system has our Jamf MDM installed and ultimately allow the connection?

Hopefully this question makes sense :)

Thanks!

1 ACCEPTED SOLUTION

DBrowning
Valued Contributor II
8 REPLIES 8

sdagley
Esteemed Contributor II

@dlprentice You could check for JamfDaemon as a running process to indicate Jamf Pro is running. If the Pulse Secure host checker has the ability to run a script you could do a jamf checkJSSConnection and see if the last line of the response is:

The JSS is available.

DennisMX
Contributor II

Don;t know the options in Pulse Secure, but if you are able to check for a certificate on connection and push that cert with Jamf?

DBrowning
Valued Contributor II

We have our host checker looks for the jamf binary.

dlprentice
New Contributor III

Good information guys, thank you all. I see a few processes in Activity Monitor. The Binary would be the one listed as just "jamf" right?
dee85325aadb44cca61b73f1d69694e4

DBrowning
Valued Contributor II

correct

tvalente
New Contributor III

Having an issue since Jamf Pro 10.30.3 where the Host Checker suddenly cannot find the JamfAgent process or the "jamf" process and hence does not allow connection to VPN.

We're a bit puzzled as to why a binaries update would break the Host Checker feature, since we are indeed able to see those processes running. I'll update here when we find out.

DBrowning
Valued Contributor II

@tvalente 10.30.3 has removed the persistence of the jamf binary running. You'll need to look for jamfDaemon. This is what support told us and a lot of others. The removal was not documented in release notes. The jamf binary will only run when called now.

tvalente
New Contributor III

@DBrowning Thanks for your answer.
We've had more or less the same answer from support.

The JamfAgent daemon has been deprecated in 10.30 and will be fully deprecated in the near future https://docs.jamf.com/10.30.0/jamf-pro/release-notes/Deprecations_and_Removals.html the jamfAgent has had all of its code removed in 10.30. It's still on managed Macs and should still be running, but it does absolutely nothing.

We've switched to monitoring the existence of one Jamf's LaunchDaemons (/Library/LaunchDaemons/com.jamfsoftware.task.1.plist) since we found that using processes is not reliable.