Restricting due to Pegasus - not working


Due to Pegasus, I am trying to restrict "" from running, but even though I am getting a pop-up notification telling me that it is being blocked, the app still launches. 

I reviewed the documentation and it seems pretty straighforward - yet it still won't work. It has been about an hour and should have checked in multiple times. I also ran "sudo jamf recon" on the target test machine to be sure it was talking to the JAMF Pro server.

What am I missing?



Legendary Contributor II

Yeah, so you're problem is those double quotes in the Process Name field. I know the description text for that field is a little confusing since it shows the examples in quotes, but you don't want those. Especially when using 'Restrict exact process name'

Just put it in like Messages and try again. It should work, but also be aware that machines need to check in before they'll get updated instructions for Restricted Software. Unlike say, a Config Profile, it's not automatically deployed.

I had tried the following:

Confirmed the process name via "ps -acx" is "Messages".

It's been about 2 hours, so should have checked in multiple times by now.

Legendary Contributor II

Hmm, well then, I dunno. Something's not right. I added a new Restricted Software title for Messages a short while ago using those exact settings, and just put in Messages with no quotes. When my Mac checked in it started blocking launch of IOW, it's working for me, so I don't have an answer why it's not working for you.

As for your Macs and checking in, are you just assuming they've checked in since the change or are you verifying that in the console?

It shows my last check in was 10 minutes ago. And I know it was checking in prior to that as it was displaying the custom message that I had set. If it had not picked up the restriction, or had the wrong app/process name, then none of that should have worked. 

The good news is that it is working now - without the quotes. So thank you for that tip.