Has anyone been through the process of automation the latest version of Safeguard/Filevault with Casper?
The process i have from Sophos is
Its point 3 that i'm struggling to Automate, i'm hoping someone may have come across this before?
Easy make a package that drops that file in a temp location. The command is /usr/local/bin/sgdeadmin --import-config /path/to/zip/file Then make that script run after both the DE packag and the copy of the zip package.
I'm still having issues attempting to install Safeguard.
I have created a pkg to install the DE Package, copy the cert and zip file then run using the below script. The cert is installed but the zip never adds the settings to Safeguard
This is the script i used, can you see anything wrong?
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /private/tmp/safegrdcert/LN7SAFEG01.cer /usr/local/bin/sgdeadmin --import-config /Users/Shared/ManagedClientMac.zip
exit 0 ## Success
exit 1 ## Failure
I wouldn't do it as a post install..I do it as a separate script in jamf
#!/bin/bash postinstall security add-trusted-cert -d -r trustAsRoot -k "/Library/Keychains/System.keychain" "/private/tmp/safegrdcert/LN7SAFEG01.cer" /usr/local/bin/sgdeadmin --import-config /Users/Shared/ManagedClientMac.zip rm -rf /private/tmp/safegrdcert exit 0 ## Success exit 1 ## Failure
I added trustAsRoot - Try changing these around and make sure you have the full chain that validates that cert.
I " " the paths and removed sudo
and #'d your shabang