JAMF Deployment
- Updated On 09 Feb 2021
- 2 Minutes To Read
-
Print
-
DarkLight
This guide will highlight key SecureCircle Agent configuration details in JAMF in order to achieve a successful deployment. After following this guide, the administrator will be able to --
- Ensure that the SecureCircle Kernel Extension is trusted
- File access configured for the SecureCircle Agent
- Identify devices that have (and don’t have) the SecureCircle Agent installed
This guide assumes the SecureCircle package has already been uploaded to Jamf and a base deployment policy is configured.
JAMF deployment script
From within JAMF go to Management Settings → Scripts → New
- Provide a Display Name (e.g. Install SecureCircle)
- script tab select from the provided script examples below.
Mac Active Directory Joined deployment script example
curl -o fhfs.pkg https://SERVER_ID/download/mac/fhfs.pkg
curl -o bundle.tar.gz "https://$SERVER_ID/download/mac/resources/bundle.dat"
mkdir -p "/private/var/tmp/fhfs"
tar -xzf bundle.tar.gz -C "/private/var/tmp/fhfs"
sudo installer -verboseR -pkg fhfs.pkg -target /
Email based agent deployment script example:
If using the email based agent add the following parameters to your JAMF script
options tab
- parameter 4: jssUser
- parameter 5: jssPass
- parameter 6: jssHost
- parameter 7: secureCircleHost
- parameter 8: apiKey
- parameter 9: circleId
Apply Installation Script
Navigate to Policies → New
Click on Scripts → Configure
Click “Add” for the script created in the previous section (e.g. Installl SecureCircle)
Enter your parameter values.
- jssUser - JAMF administrative user account with read only access
- jssPass - password for above account
- jssHost - JAMF server URL (do not include https://)
- secureCircleHost - SecureCircle server URL (do not include https://)
- apiKey - SecureCircle API Key for Administrator that can invite and confirm users
- circleId - SecureCircle CircleID to be used for initial invitation
Scope
- Assign to target computers
Options → Maintenannce
- Enable “Update Inventory”
Configure JAMF
Create a new Configuration Profile (Kernel Extension)
In the JAMF console, under Content Management, select Configuration Profiles and select New
Under Options, in the General section, name your profile and provide a description (Identify this as the Kernel Extension approval profile)
- Example –
- Example –
Under Options, scroll down and select System Extensions. Provide a name and Team Identifier (see below) used by SecureCircle.
Use the following Team Identifier (SecureCircle_kernel_extension_id) - 7BQ8CB8A73
- Example –
- Example –
- Next select Scope and chose your target computers, then select Save.
- Example
- Example
2. Upload Configuration Profile (SecureCircle, fhagent preferences) - You can use the SecureCircle Agent.mobileconfig attached to this article (check below) or generate your own.
- NOTE: If you elect to create your own, ensure you have the SecureCircle Agent installed on the device being used for this step-
- Download, extract and run the PPPC-Utility: https://github.com/jamf/PPPC-Utility/releases
- Once the PPPC-Utility is running, select +(to add to list) and add the following two items
- SecureCircle
- By default, found in /Applications/SecureCircle
- fhagent
- By default, found in /usr/local/fhfs/bin/fhagent
- fhtools (Only required if users will run fhtoolscommands)
- By default, found in /usr/local/fhfs/bin/fhtools
- Ensure All Files access has been toggled to Allow, for both applications in PPPC-Utility and select Save
Sample Configuration Profile –