Deploying SentinelOne as a Custom App

Learn how to deploy the SentinelOne S1 agent (v4.4+) to your macOS devices as a Custom App. This version will use a System Extension instead of a KEXT approval. The combined profile is compatible with macOS 10.15+.

Setup Requirements in Kandji to Deploy S1:

  • SentinelOne Custom Profile - Download Here

  • Custom App Library Item

Add the SentinelOne Custom Profile:

  1. Click Library on the left-hand navigation bar.

  2. Click Add New in the upper right-hand corner.

  3. Click Custom Profile, then Add & Configure +.

Configure the Custom Profile

  1. Assign a name to the Custom Profile Library Item.

  2. Assign a Blueprint or multiple blueprints.

  3. Set "Device Families" to Mac.
  4. Upload the Sentinel-One-Combined-Profile.mobileconfig profile.

    Sentinel-One-Combined-Profile@2x

    Add SentinelOne as a Custom App:

    1. Click Library on the left-hand navigation bar.

    2. Click Add New in the upper right-hand corner.

    3. Click Custom App from the Add New window.

    Configure the Custom App:

    1. Give your custom app a Name.

    2. Assign your custom app to a test Blueprint.

    3. Select Audit and Enforce as the execution frequency.

    4. Paste the following Audit Script
      (No modifications needed.)

      #!/bin/bash

      #Searching for application via the appPath listed below
      installer="SentinelOne Installer"
      appPath="/Library/Sentinel/sentinel-agent.bundle/Contents/MacOS/SentinelAgent.app/"

      if [[ -e $appPath ]]; then
      echo "$appPath was found. Exiting…"
      exit 0
      else
      echo "$appPath was not found, running $installer"
      exit 1
      fi

    5. Under Install Details, choose ZIP File.

      1. Compress the SentinelOneInstaller.pkg, you downloaded from S1 into a zip file and upload it to Kandji.
    6. For the Unzip Location, input: /var/tmp

    7. Paste the following Pre-Install Script.
      (Update TokenHere with Enterprise Token, place the enterprise token within single quotes).

      #!/bin/sh

      ## Ensure you update the TokenHere below with the Token provided by SentinelOne.

      echo 'TOKEN_HERE' > /var/tmp/"com.sentinelone.registration-token"
    8. Upload the SentinelOne ZIP file.

    9. Paste the following Post-Install Script.
      (Update SentinelOneInstaller.pkg with pkg name that was downloaded prior to compressing it in step 5.a, for example: SentinelOneInstallerVersionxx.xx_xxx.pkg).

      #!/bin/sh

      ## Ensure you update the .pkg name below to properly reflect the proper package name as it was downloaded from SentinelOne.

      /usr/sbin/installer -pkg /var/tmp/SentinelOneInstaller.pkg -target /

    10. Click Save.

    Sentinel-One-Custom-App@2x