We have signed on with ZScaler and they have provided and .app installer. I have used Composer to convert it to .pkg and uploaded it to our repository. When I setup a policy to install the app, I get a log that states it was successful but ZScaler app is not installed on the target machines. Has anyone else run into this issue and what did you do to get it resolved?
I built Zscaler AutoPkg recipes. More information on how to use them to build a Zscaler installer package is available via the link below:
I have a script for Zscaler download and install, it has space for variables to drop in your download link, but thats pretty trivial to get from your Zscaler admin portal. Its not totally automated, but its pretty quick to update the links etc. if anything changes.
#!/bin/zsh ## This will download the version of Zscaler specified in the URL and version name fields # this will check for application signature, if invalid will remove the application and exit with error ## This uses variables in Jamf in order to easily deploy multiple version, or different enforcements/policys ## last updated by Harry Richman, december 2020 ## version 1, revision 2 for Jamf ## Set variables zip="zscaler.zip" app="Zscaler" ## Check is Zscaler is installed or not and to show installed version if it is already if [ ! -f "/Applications/$app.app/Contents/Info.plist" ] ; then echo "`date` $app isn't installed" else ## Get installed version from plist installedVersion=$( defaults read "/Applications/$app/$app.app/Contents/Info.plist" CFBundleShortVersionString ) echo "`date` Installed version of $app is $installedVersion" fi ## set $4 in jamf to be the version number downloading echo "`date` Downloading $app $4" ## Download silently and allow redirects ## Set $5 in Jamf to be the download URL for the version desired curl -L -s -o /tmp/$zip $5 echo "`date` Changing Directory" ## Change Directory cd /private/tmp echo "`date` Unzipping $zip" ## unzip zip into /private/tmp/ sudo unzip -q $zip echo "`date` Remove zip file" ## delete the zip file rm -rf /private/tmp/$zip ## Set installer name by searching installer=$( ls | grep "Zscaler" ) echo "`date` installing Zscaler" ## Install using correct settings, set these all to variables in jamf ## $6 for cloudname ## $7 for policy token ## $8 for domain sudo sh /tmp/$installer/Contents/MacOS/installbuilder.sh --cloudName $6 --policyToken $7 --strictEnforcement 1 --unattendedmodeui none --userDomain $8 sleep 10 echo "`date` moving Uninstaller" ## Move uninstaller to /var to hide from users mkdir /var/Zscaler mv /Applications/Zscaler/UninstallApplication.app /var/Zscaler/UninstallApplication.app echo "`date` removing installer" ## Remove installer from /tmp rm -rf $installer echo "`date` $app version $4 installed" # Set path to newly installed application applicationPath="/Applications/$app/$app.app" # Check signature of installed application to ensure trusted appSignature=$( pkgutil --check-signature "$applicationPath" | grep "Status:" | sed 's/^[ ]*//;s/[ ]*$//' ) ## echo "Application Signature $appSignature" # if unstrusted and exit with error # else, continue if [[ $appSignature != *"signed by a certificate trusted"* ]]; then echo "`date` $app is not trusted, reccomend removing $app" exit 1 else echo "`date` $app version $4 trusted, install succesful" fi exit 0
I am using you r script but I am getting errors like the parameters aren't being passed?
Script result: Mon Nov 15 18:06:21 EST 2021 Zscaler isn't installed
Mon Nov 15 18:06:21 EST 2021 Downloading Zscaler
curl: no URL specified!
curl: try 'curl --help' or 'curl --manual' for more information
Mon Nov 15 18:06:21 EST 2021 Changing Directory
Mon Nov 15 18:06:21 EST 2021 Unzipping zscaler.zip
unzip: cannot find or open zscaler.zip, zscaler.zip.zip or zscaler.zip.ZIP.
Mon Nov 15 18:06:21 EST 2021 Remove zip file
Mon Nov 15 18:06:21 EST 2021 installing Zscaler
Error: There has been an error.
No value provided for option --userDomain
Use --help to get a list of valid options
Mon Nov 15 18:06:36 EST 2021 moving Uninstaller
mv: rename /Applications/Zscaler/UninstallApplication.app to /var/Zscaler/UninstallApplication.app: No such file or directory
Mon Nov 15 18:06:36 EST 2021 removing installer
Mon Nov 15 18:06:36 EST 2021 Zscaler version installed
Package does not exist: /Applications/Zscaler/Zscaler.app
Mon Nov 15 18:06:37 EST 2021 Zscaler is not trusted, reccomend removing Zscaler
Helpful links from Zscaler on how to deploy.
SSL Inspection - https://help.zscaler.com/zia/certificate-pinning-and-ssl-inspection
This is what I do, and it works like a charm.
First Gather 2 or 3 key pieces of information from Zscaler
From the Zscaler Internet Access Admin UI, select Policy from the left navigation bar and click on Zscaler Client Connector Portal in the Mobile section
Select Administration from the top navigation bar in the Zscaler Client Connector Portal and click on Client Connector App Store from the navigation bar on the left
Select the Personal Computer tab and select macOS from the list of Platforms
Zscaler Cloud name
If your organization is provisioned on more than one cloud, your users will normally be prompted to select the cloud to which their traffic will be sent during the enrollment process. To avoid this prompt, you can pre-configure the Zscaler Client Connector to automatically connect to the intended cloud automatically by using this installation option. To determine your cloud name, you can follow the directions in this article
PRIMARY AUTHENTICATION DOMAIN - OPTIONAL
This installation option allows users to skip the app enrollment page. If SSO is enabled for your organization, users are taken directly to your organization’s SSO login page. If you’ve integrated SSO with the app, users can also skip the SSO login page and are automatically enrolled with the Zscaler service and logged in. If your instance has multiple domains associated with it, use the primary domain for your instance.
Use this script as directed and trigger it in a policy