Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
back

SafeNet Agent for macOS Logon

Installing, Configuring, Upgrading, and Uninstalling the agent

search
printsuggest an edit

Installing, Configuring, Upgrading, and Uninstalling the agent

Note

  • Administrative rights to the macOS system are required for installing, upgrading, configuring, and uninstalling the agent.
  • After upgrading the agent, it is highly recommended to run the Configure_macLogon script file available in the package as per your configuration.

This section describes the following ways to install, configure, upgrade, and uninstall the agent:

copy link to clipboardUsing Jamf Pro

This section describes the steps to perform the installation, upgrade, configuration, and uninstallation of the agent using Jamf Pro. This process is used to deploy the macOS Logon Agent on multiple machines.

copy link to clipboardPrerequisites

  • A valid Jamf Pro license purchased from Jamf
  • Jamf Pro setup on the targeted machine

copy link to clipboardSilent Installation and Upgrade

Perform the following steps to add and run the policies on a targeted machine:

  1. Log in to Jamf Pro.

  2. Click the Settings icon on the top right-hand side corner.

  3. Select Computer Management, and then click Packages.

  4. Click New to add a new package.

  5. In the General tab, enter a Display Name for the package, and then click Choose File to upload SafeNet_Agent_For_macOS_Installer.pkg. Now, click Save at the bottom right-hand side corner.

  6. To add a policy, click Computers > Policies in the left pane, and then click New.

  7. In the Options tab, under General,

    a. Enter a Display Name for the policy.

    b. Select the Enabled check box.

    c. Select the options to Trigger Event(s) (to use to initiate the policy) as per your requirement.

    d. Select the Execution Frequency (frequency at which to run the policy).

  8. Click Packages, and then click Configure.

    a. Click Add (next to the package name) to select the above added .pkg file.

    b. Select Cloud distribution point from the Distribution Point drop down.

  9. Select the Scope tab, and then add the target computers and target users to run the Jamf policies. You can click Add, displayed next to Selected Deployment Targets to add a specific target, and then click Save.

    Execution of the policy to install the Mac Logon agent by using Jamf Pro policies on the targeted machine will be done automatically (based on the configured trigger event).

copy link to clipboardSilent Configuration

Perform the following steps to configure the agent on a targeted machine:

  1. Add the following parameters in the downloaded .agent file.

    Refer the following parameters in the sampleConfig.agent file:

    "PrimaryTokenValidatorUrl": "",
"SecondaryTokenValidatorUrl": "",
"agentStatus": "0",
"usernameFormat": "1",
"agentMode": "1",
"byPassAdmin": "1",
"emergencyPassword": "1",
"logLevel": "3",
"usernameFormat": "0",
"BsidKey": "",
"defaultAuthenticator": "1",
"internetReqTimeoutInSec": "10"
Parameter Functionality Values
PrimaryTokenValidatorUrl [Mandatory] Primary Server URL
SecondaryTokenValidatorUrl [Optional] Secondary Server URL
agentStatus [Mandatory] To turn on/off the macOS Logon Agent 0- Off, 1- On
Default: Off
usernameFormat [Mandatory] To set the username format 0- username, 1-domain\username, 2-user@domain.com
Default: username
BsidKey [Mandatory] Use Agent.bsidkey in the .agent file that is downloaded from STA
agentMode [Mandatory] To set the agent configuration mode 1
byPassAdmin [Optional] To bypass strong authentication for domain administrators 0- No, 1-Yes
Default: Yes
emergencyPassword [Optional] To allow use of emergency passwords 0- No, 1-Yes
Default: Yes
logLevel [Optional] To set the minimum Log level 0 - Critical, 1- Error, 2- Warning, 3- Info, 4- Debug
Default: Info
defaultAuthenticator [Optional] Automatically use the default authenticator that is set for each user 0 - No, 1 - Yes
Default : Yes
internetReqTimeoutInSec [Mandatory] Maximum duration in seconds after which authentication request to STA - primary followed by secondary, timeouts and the request fails. Default : 10
Minimum value : 10

  1. Copy the content of the updated .agent file.

  2. Open Configure_macLogon script file and paste the content (that you copied in the previous step) in line 3 between ' and ':

    echo 'copied_content' > /usr/local/thales/MLA.agent

    alt_text

  3. In Jamf Pro, click the Settings icon on the top right-hand side corner.

  4. Select Computer Management, and then click Scripts.

  5. Click New on top right-hand side corner to add a new script.

    a. In the General tab, enter a Display Name for the script.

    b. In the Script tab, copy and paste the updated Configure_macLogon.sh script.

    c. Click Save.

  6. To add a policy, click Computers > Policies in the left pane, and then click New.

  7. In the Options tab, under General,

    a. Enter a Display Name for the policy.

    b. Select the Enabled check box.

    c. Select the options to Trigger Event(s) (to use to initiate the policy) as per your requirement.

    d. Select the Execution Frequency (frequency at which to run the policy).

    e. Click Script, and then click Configure. Now, click Add (next to the script name) to select the above added script.

    f. Select the Scope tab, and then add the target computers and target users to run the Jamf policies. You can click Add, displayed next to Selected Deployment Targets to add a specific target.

    d. Click Save.

    Execution of the policy to configure the macOS Logon agent by using Jamf Pro policies on the targeted machine will be done automatically (based on the configured trigger event).

copy link to clipboardSilent Uninstallation

Perform the following steps to uninstall the agent on the targeted machine:

  1. In JamfPro, click the Settings icon on the top right-hand side corner.

  2. Select Computer Management, and then click Scripts.

  3. Click New on top right-hand side corner to add a new script.

  4. In the General tab, enter a Display Name for the script.

  5. In the Script tab, copy and paste the SafeNet_Agent_For_macOS_UnInstaller.sh script.

  6. Click Save.

  7. To add a policy, , click Computers > Policies in the left pane, and then click New.

  8. In the Options tab, under General,

    a. Enter a Display Name for the policy.

    b. Select the Enabled check box.

    c. Select the options to Trigger Event(s) (to use to initiate the policy) as per your requirement.

    d. Select the Execution Frequency (frequency at which to run the policy).

    e. Click Script, and then click Configure. Now, click Add (next to the script name) to select the above added script.

    f. Select the Scope tab, and then add the target computers and target users to run the Jamf policies. You can click Add, displayed next to Selected Deployment Targets to add a specific target.

    d. Click Save.

    Execution of the policy to configure the macOS Logon agent by using Jamf Pro policies on the targeted machine will be done automatically (based on the configured trigger event).

copy link to clipboardUsing Installation File

This section describes the steps to perform installation, upgrade, and uninstallation of the agent using an installation file.

copy link to clipboardAdd Installer

Perform the following steps to install or upgrade the agent:

  1. Locate the installation file and run the following installer:

    SafeNet_Agent_For_macOS_Installer.pkg

  2. Perform the following steps in the Installation wizard:

    a. On the Introduction page, click Continue.

    alt_text

    b. On the License Agreement page, read the software license agreement, click Continue and to proceed, and click Agree to accept the license agreement.

    alt_text

    c. On the Destination Select page, click 1.

    alt_text

    d. On the Installation Type page, click Install.

    alt_text

    e.Enter the administrator's Username and Password, and click Install Software.

    alt_text

    After successful authentication, the agent is installed, and a successful installation message is displayed.

    alt_text

    Note

    The agent files are installed at a fixed location.

copy link to clipboardSilent Installation and Upgrade

To install or upgrade the SafeNet Agent for macOS Logon in silent mode, perform the following steps:

  1. Open the terminal and navigate to the folder which contains the installer.

  2. Run the following command from the command line:

    sudo installer -store -pkg SafeNet_Agent_For_macOS_Installer.pkg -target /

  3. To configure the agent,

    a. Update the sampleConfig.agent (available in the downloaded package) as per your requirement.

    b. Copy the content of the updated sampleConfig.agent file.

    c. Open Configure_macLogon.sh script file and paste the content (that you copied in the previous step) in line 3 between ' and ':

    echo 'copied_content' > /usr/local/thales/MLA.agent

    alt_text

    d. Run Configure_macLogon using the following command:

    sh Configure_macLogon

copy link to clipboardUninstalling the agent

You can uninstall the SafeNet Agent for macOS Logon in two ways:

Perform the following steps to uninstall the agent:

  1. Run SafeNet_Agent_For_macOS_UnInstaller, provided with the installer package.

  2. Enter your local administrator password.

Or,

Perform the following steps using the terminal:

  1. Navigate to the directory where the package is downloaded.

  2. Run the following command:

    sh SafeNet_Agent_For_macOS_UnInstaller

  3. Enter the administrator password.

All the installed files of macOS Logon agent will be uninstalled.

On this page