After upgrading both of my Macs to High Sierra 10.13.4, I was greeted by several alerts saying that an extension was blocked. OK. Fine. I knew this was coming. The problem for me was that when I went to the Security & Privacy preference pane, and clicked the Allow button, nothing happened. I tried logging out and logging back in, and rebooting. Neither worked. I then logged into a different admin account, and I was able to allow the extensions. I just wanted to pass this on in case anyone else runs into this issue. I haven't figured out exactly why my normal login account could not approve the extensions, but at least the solution was easy.
Regarding Lego Mindstorms NXT issue, the Fantom.kext is indeed very very old and is missing the Team ID.
But according to this:
the Fantom.kext is not actually required, although the other parts from the legodriver.pkg are needed, so just use the nice script provided to skip the kext installation. (the script is not mine, so thanks goes to the creator!)
So, my package installer for NXT (latest version 2.1.f6) is containing the following packages from the original dmg:
MindstormsUnivEdu.pkg MindstormsEngUnivEdu.pkg MindstormsEngi386Edu.pkg (it is called for installation when you run the MindstormsEngUnivEdu.pkg) Mindstormsi386Edu.pkg (it is also called for installation when you run the MindstormsEngUnivEdu.pkg) legodriver.pkg legodriverinstaller.sh
And I'm creating a package that will contain all the files above and will install (actually just copy them) to a temporary folder.
And then, either you can add a postinstall.sh script to the package, but I prefer to create a script in JSS interface, that looks like this:
#!/bin/bash /usr/sbin/installer -pkg /path/to/temporary/folder/MindstormsUnivEdu.pkg -target / /usr/sbin/installer -pkg /path/to/temporary/folder/MindstormsEngUnivEdu.pkg -target / /path/to/temporary/folder/legodriverinstaller.sh /path/to/temporary/folder/legodriver.pkg /bin/rm -rf /path/to/temporary/folder
*please note again that those 2 packages containing "i386" are not supposed to be installed manually, they are automatically called for installation from the MindstormsEngUnivEdu.pkg
Also, you will need to have Adobe Flash npapi preinstalled, otherwise when you run the first package to install (MindstormsUnivEdu.pkg) it will pop-up to install an old version of Flash found inside the package, and I didn't bother to find another way to suppress that.
I just tested it now on High Sierra 10.13.6, and it worked flawlessly, for a crappy old not updated app that is still required in some environments.
@wryder not sure if this has been answered, but you can easily find the TEAM ID's for any application installed (that uses one) by opening up a terminal window and typing the following:
- sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy
- (in the new sqlite prompt type) SELECT * FROM kext_policy;
I tried creating the profile and used the following settings and it kernel panic'd my test machine.
I have no idea why.
I was able to resolve by booting into user account in safe mode and manually allowing the kexts is system prefs.
Also, does anyone know how to reset so that we get the "allow" button back in system prefs?
Thanks for any assistance.
We spent a few days trying to get this to work with Sophos Endpoint (ie Cloud). Submitted a ticket to Sophos and got this link.
Not sure why they won't submit their KEXTs to Apple. This makes administering 700+ iMacs a nightmare. Good thing this happened during Winter Break.
@SFRANCIS004 That is crazy! I was able to get this working for Palo Alto Traps. Before I set up the KEXT in Jamf I had to manually approve, now, Traps installs without any interaction on the remote device. I'm testing out Cisco Anyconnect next, however, I have issues with the pkg where it's not installing correctly. One thing at a time.