Does anyone out there have experience packaging Triton Forcepoint AP-WEB up for distribution through the JAMF? The current ZIP that I have has two .pkgs included in the folder along with a .cer file, .hsw file & .xml file. I believe the WebsenseEndpoint.pkg kicks off the installer WebsenseEPClassifier.pkg then somehow configures the client with the necessary files. I am looking to combine all these into one .pkg file. An help / direction would be greatly appreciated.
Thanks in advance and have a great holiday season!
Sorry for the delayed response.
Yes, I created a package to deploy the files to a folder on the machine then the policy runs a command to kick off the installer. The command line to run is: sudo /usr/sbin/installer -pkg /Library/Application Support/JAMF-CustomApps/triton832607new/WebsenseEndpoint.pkg -target /
According to the vendor this is the best practice.
I've tried the custom package using the install files that come with Websense and was able to get it download to the client. Unfortunately, it downloads to the desktop and the script fails to find the installer files after that. Changing the script to point to the desktop does kick off the installation but then the files remain there and that's something that I want to avoid.
I tried the snapshot method as well and it failed.
I was actually able to do this with Composer. In speaking with Jamf, I had to put the files in a place where I wanted the files to download to so that the install could run. Then I dropped the files into Composer and had it create my package. I uploaded the package to Jamf and created the policyI then used the script supplied by cdinges with changes to the location of the files that I need to run. It worked after that but the files don't delete after the install, which I'm okay with.
Essentially once you have built the package with the Forcepoint Package builder you would upload the file using casper admin.
-You would then want to create a policy to deploy the zip. (ideally with a smart or static group but could be targeted users).
-Then make a second policy that looks for that package already installed and have it run a bash script to run the installer with the sudo prefix.
sudo unzip ./endpoint.zip
The endpoint package (not the classifer.pkg) contains the installer and will call on the other files from the zip so ensure you run the command inside the directory where the zip has been extracted.
I hope this information helps!
NOTE: This should work for the DLP or Web endpoint. Use whatever flags or context paths needed to run in a commandline install in your script.
Are you disabling Kernel Extensions as per Forcepoint's documentation to deploy this software?
This doesn't seem like an option for me. I have tried to allow the specific kernel extensions for Forcepoint DLP but the software doesn't install correctly.
Team Id: C489D5E8E8
Bundle Ids: com.websense.endpoint.process, com.websense.endpoint.process.kpi, com.websense.endpoint.dlp
I'm also using their prebuilt Config Profile to give Full disk access. The product installs, but it missing components such as the icon in the menu bar. Any direction would be appreciated.