- #Symantec endpoint protection mac client install#
- #Symantec endpoint protection mac client Patch#
- #Symantec endpoint protection mac client software#
- #Symantec endpoint protection mac client license#
Step 1: Create a new folder on your desktop. I then created the correct file structure then used pkgbuild to make a deployment package. Next, I extracted the payload of this package to that working folder. First, I created a folder to work in so that I could create a package.
Problem located, how do we fix it? The SolutionĪctually, the solution was surprisingly easy. The part that it was missing are these two files.
#Symantec endpoint protection mac client software#
According to Apple,”System Integrity Protection is a security technology in OS X El Capitan that’s designed to help prevent potentially malicious software from modifying protected files and folders on your Mac.” So, essentially, the deployment package was not completing the installation but reporting that it was. The one on the right is attempting to write these files into a directory that is protected by System Integrity Protection or SIP. This minor difference makes a world of difference. The one on the left is the Installers mkpg and the one on the right is the Deployment Package mpkg. Opening the remote package and then extracting the meta package in Pacifist allowed me to open the meta package in Pacifist so that I could look at it the same way. These two files are a dynamic library called libsymsea.1.1.0.dylib and a symbolic link called libsymsea.dylib. If you extract them both, you can see that the Installer App meta package has this package payload as 2 files being put into /usr/local/lib folder. I say similar because although everything looks the same, there is one of these 35 Packages that is inconsistent between the two meta packages. When opening the deployment package in Pacifist, a similar package of the same name is found. This meta package can be found in the Additional Resources folder found in the same folder as the Installer App.
#Symantec endpoint protection mac client install#
The install 35 packages from a meta package called SEP.mpkg. Essentially, both the app and the deployment package do the same thing.
#Symantec endpoint protection mac client license#
Using Pacifist (This is free to use but I have a license for it and I will just say that this is probably the best $20 I have ever spent), I was able to tear apart the packages to see what was going on. So I began by tearing the deployment package and the Installer App meta packages apart. Local installs from on 10.11 Clients were able to link back to our server fine. It is important to note at this point this problem only existed on 10.11 Macs that installed the Client from the Remote Deployment Package that we created. …this would be the resulting status, even after the update.
It even stated that they were installed with no problems, however… (See Attached Pictures)īroken Menu – This is actually missing the entire Management Menu, which allows you to get updates to the SEPM Policy as well as shows the information about the connection to the SEPM Server.Įven in the broken state, the LiveUpdate still worked. It also reported that the virus definitions were out of date despite being able to run Live Update. The Client Application itself was in a state that was able to get updates and install them but was unable to enable virus and spyware protection. This package was placed into our MDM for all computers to install, however, our 10.11 computers were not even attempting to connect to the SEPM server and not getting the policy that we had set for the Macs. This yields a package that should install the client and link it back to our SEPM server. You then open the SEP Installer App, then selecting “Create remote deployment package” from the tools menu. The SymptomsĪs stated before, our deployment package was made via the Official Symantec procedure, in which you export the Installation App from the SEPM with the Additional Resources Folder containing your server and license configuration pointing to your SEPM. I am going to share this information so that you can avoid the heartache and pain that I went through in hunting this problem down and patching it.
#Symantec endpoint protection mac client Patch#
After doing some digging, I was able to find and patch the problem. What was worse, was that the deployment package was reporting that it was installing correctly with no errors reported and the Application seemed to be running fine. This, coupled with problem report tickets for SEP and Mac that came in, showed us an alarming trend…Our Macs running 10.11 were not linking back to our server despite having all of the information to do so. With all the fun news from the end of last month with Symantec, we have been closely examining our SEP deployments and their linking back to the SEPM. These installations are then linked and managed by a Server with Symantec Endpoint Protection Manager (SEPM) installed on it. Without going into great detail about our environment for obvious reasons, we use the latest version of the Symantec Endpoint Protection (SEP) that we deploy through our MDM Server. Here is a fun little issues that I came across in my work’s Mac Environment.
0 kommentar(er)
