JAMF Deployment

This guide will highlight key SecureCircle Agent configuration details in JAMF in order to achieve a successful deployment. After following this guide, the administrator will be able to --

• Ensure that the SecureCircle Kernel Extension is trusted
• File access configured for the SecureCircle Agent
• Identify devices that have (and don’t have) the SecureCircle Agent installed

JAMF deployment script

From within JAMF go to Management Settings → Scripts → New

• Provide a Display Name (e.g. Install SecureCircle)
• script tab select from the provided script examples below.

Mac Active Directory Joined deployment script example

curl -o fhfs.pkg  https://SERVER_ID/download/mac/fhfs.pkg
curl -o bundle.tar.gz "https://$SERVER_ID/download/mac/resources/bundle.dat"
mkdir -p "/private/var/tmp/fhfs"
tar -xzf bundle.tar.gz -C "/private/var/tmp/fhfs"
sudo installer -verboseR -pkg fhfs.pkg -target / 

Email based agent deployment script example:

If using the email based agent add the following parameters to your JAMF script

• options tab

  • parameter 4: jssUser
  • parameter 5: jssPass
  • parameter 6: jssHost
  • parameter 7: secureCircleHost
  • parameter 8: apiKey
  • parameter 9: circleId

Apply Installation Script

Navigate to Policies → New

• Click on Scripts → Configure

• Click “Add” for the script created in the previous section (e.g. Installl SecureCircle)

• Enter your parameter values.

  • jssUser - JAMF administrative user account with read only access
  • jssPass - password for above account
  • jssHost - JAMF server URL (do not include https://)
  • secureCircleHost - SecureCircle server URL (do not include https://)
  • apiKey - SecureCircle API Key for Administrator that can invite and confirm users
  • circleId - SecureCircle CircleID to be used for initial invitation

• Scope

  • Assign to target computers

• Options → Maintenannce

  • Enable “Update Inventory”

Configure JAMF

1. Create a new Configuration Profile (Kernel Extension)

   • In the JAMF console, under Content Management, select Configuration Profiles and select New

   • Under Options, in the General section, name your profile and provide a description (Identify this as the Kernel Extension approval profile)

     • Example –
       

   • Under Options, scroll down and select System Extensions. Provide a name and Team Identifier (see below) used by SecureCircle.

     • Use the following Team Identifier (SecureCircle_kernel_extension_id) - 7BQ8CB8A73

       • Example –
         • 

• Next select Scope and chose your target computers, then select Save. 
  • Example
    • 
      

2.  Upload Configuration Profile (SecureCircle, fhagent preferences) - You can use the SecureCircle Agent.mobileconfig attached to this article (check below) or generate your own.

• NOTE: If you elect to create your own, ensure you have the SecureCircle Agent installed on the device being used for this step-
  1. Download, extract and run the PPPC-Utility: https://github.com/jamf/PPPC-Utility/releases
  2. Once the PPPC-Utility is running, select +(to add to list) and add the following two items
  3. SecureCircle
     1. By default, found in /Applications/SecureCircle
  4. fhagent
     1. By default, found in /usr/local/fhfs/bin/fhagent
  5. fhtools (Only required if users will run fhtoolscommands)
     1. By default, found in /usr/local/fhfs/bin/fhtools
  6. Ensure All Files access has been toggled to Allow, for both applications in PPPC-Utility and select Save

Sample Configuration Profile –