JAMF Deployment
  • 09 Feb 2021
  • 2 Minutes To Read
  • Print
  • Share
  • Dark
    Light

JAMF Deployment

  • Print
  • Share
  • Dark
    Light

This guide will highlight key SecureCircle Agent configuration details in JAMF in order to achieve a successful deployment. After following this guide, the administrator will be able to --

  • Ensure that the SecureCircle Kernel Extension is trusted
  • File access configured for the SecureCircle Agent
  • Identify devices that have (and don’t have) the SecureCircle Agent installed
Note:

This guide assumes the SecureCircle package has already been uploaded to Jamf and a base deployment policy is configured.

JAMF deployment script

From within JAMF go to Management Settings → Scripts → New

  • Provide a Display Name (e.g. Install SecureCircle)
  • script tab select from the provided script examples below.

Mac Active Directory Joined deployment script example

curl -o fhfs.pkg  https://SERVER_ID/download/mac/fhfs.pkg
curl -o bundle.tar.gz "https://$SERVER_ID/download/mac/resources/bundle.dat"
mkdir -p "/private/var/tmp/fhfs"
tar -xzf bundle.tar.gz -C "/private/var/tmp/fhfs"
sudo installer -verboseR -pkg fhfs.pkg -target / 

Email based agent deployment script example:

If using the email based agent add the following parameters to your JAMF script

  • options tab

    • parameter 4: jssUser
    • parameter 5: jssPass
    • parameter 6: jssHost
    • parameter 7: secureCircleHost
    • parameter 8: apiKey
    • parameter 9: circleId


Apply Installation Script

Navigate to Policies → New

  • Click on Scripts → Configure

  • Click “Add” for the script created in the previous section (e.g. Installl SecureCircle)

  • Enter your parameter values.

    • jssUser - JAMF administrative user account with read only access
    • jssPass - password for above account
    • jssHost - JAMF server URL (do not include https://)
    • secureCircleHost - SecureCircle server URL (do not include https://)
    • apiKey - SecureCircle API Key for Administrator that can invite and confirm users
    • circleId - SecureCircle CircleID to be used for initial invitation
  • Scope

    • Assign to target computers
  • Options → Maintenannce

    • Enable “Update Inventory”

Configure JAMF

  1. Create a new Configuration Profile (Kernel Extension)

    • In the JAMF console, under Content Management, select Configuration Profiles and select New

    • Under Options, in the General section, name your profile and provide a description (Identify this as the Kernel Extension approval profile)

      • Example –
        JAMP Deployment
    • Under Options, scroll down and select System Extensions. Provide a name and Team Identifier (see below) used by SecureCircle.

      • Use the following Team Identifier (SecureCircle_kernel_extension_id) - 7BQ8CB8A73

        • Example –
          • JAMP Deployment 1
  • Next select Scope and chose your target computers, then select Save
    • Example
      • JAMP Deployment 2

2.  Upload Configuration Profile (SecureCircle, fhagent preferences) - You can use the SecureCircle Agent.mobileconfig attached to this article (check below) or generate your own.

  • NOTE: If you elect to create your own, ensure you have the SecureCircle Agent installed on the device being used for this step-
    1. Download, extract and run the PPPC-Utility: https://github.com/jamf/PPPC-Utility/releases
    2. Once the PPPC-Utility is running, select +(to add to list) and add the following two items
    3. SecureCircle
      1. By default, found in /Applications/SecureCircle
    4. fhagent
      1. By default, found in /usr/local/fhfs/bin/fhagent
    5. fhtools (Only required if users will run fhtoolscommands)
      1. By default, found in /usr/local/fhfs/bin/fhtools
    6. Ensure All Files access has been toggled to Allow, for both applications in PPPC-Utility and select Save

Sample Configuration Profile

Was This Article Helpful?