- Jamf Nation Community
- Products
- Jamf Pro
- Re: QuickAdd Package Finder says it is damaged and...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
QuickAdd Package Finder says it is damaged and can't be opened
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-26-2017 10:16 PM
I'm trying to enrol a computer (myserver/enrol). User can enter username and password, and download the 1.9MB QuickAdd.pkg file.
However, when we try to open the file, the Finder says:
"“QuickAdd.pkg” is damaged and can’t be opened. You should move it to the Trash." With buttons to Cancel or Move to Trash.
Client is an iMac running Sierra (but happened on El Cap). Server is running 9.97.1482356336
Any suggestions as to how to open it? What can cause this? I'm guessing it is Gatekeeper. Security setting is Allow apps downloaded from App Store and identified developers.
Thanks, James.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-27-2017 12:23 AM
More than likely because your QuickAdd package is not signed, and Gatekeeper is turned on. Temporary turn off your security settings and try again. Then in the future, you should sign your QuickAdd packages with Casper Recon.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-27-2017 11:59 AM
Or you could hold down the control key when clicking on the pkg and approve the non signed install with admin credentials.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-27-2017 12:02 PM
Note: I've found this happens for me when more than one account is logged into the machine, so check that as well.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-27-2017 10:27 PM
Thanks for your replies. Certificate was the problem.
The certificate that was signing the QuickAdd.pkg had expired. Got a new one from developer.apple.com and all is good now.
I had to use a defaults.write terminal command to put back the Gatekeeper option in the System Preferences, Security pane, to allow apps from anywhere. Then I could run the QuickAdd package, but it would fail. Looking at the Installer Log showed the invalid certificate issue.
So, for anyone who comes across this when they have the same problem, here's what I did:
- Create a CSR in Keychain Access.
- Use it to get new certificate from developer.apple.com.
- Open that .cer file in Keychain Access.
- Export it from KA as a p12 file.
- Add this file to Global Management/User-initiated Enrollment/Platforms.
Thanks again for your help, and to Rich Trouton for his documentation at:
https://derflounder.wordpress.com/2012/08/13/creating-apple-developer-id-signed-casper-quickadd-installer-packages/
James.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-28-2017 09:47 AM
When trying to remove the developer signature, the above never worked and we found its because our MySQL database is on a separate server.
This is how we fixed it.
Stop Tomcat services (we have 2 - a master and a headless)
Connect to MySQL server and run: mysqlcheck -u root -p --auto-repair -o jamfsoftware
Start tomcat services and try the enroll.
Once the QuickAdd.pkg has been downloaded you can open a terminal sessions and type: pkgutil --check-signature <path_to_QuickAdd.pkg>
This will show a status of : 'no signature' - SUCCESS!!
