Recent Searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Deploying SentinelOne as a Custom App

            By Andrew Merrick

            Learn how to deploy the SentinelOne S1 agent (v4.4+) to your macOS devices as a Custom App 

            This version will use a System Extension instead of a KEXT approval. The combined profile is compatible with macOS 10.15+.

            Setup Requirements in Kandji to Deploy S1:

            • SentinelOne Custom Profile - Download Here

            • Custom App Library Item

            Add the SentinelOne Custom Profile:

            1. Click Library on the left-hand navigation bar.

            2. Click Add New in the upper right-hand corner.

            3. Click Custom Profile, then Add & Configure +.

            Configure the Custom Profile

            1. Assign a name to the Custom Profile Library Item.

            2. Assign a Blueprint or multiple blueprints.

            3. Set "Device Families" to Mac.

            4. Upload the Sentinel-One-Combined-Profile.mobileconfig profile.

            Add SentinelOne as a Custom App:

            1. Click Library on the left-hand navigation bar.

            2. Click Add New in the upper right-hand corner.

            3. Click Custom App from the Add New window.

            Configure the Custom App:

            1. Give your custom app a Name.

            2. Assign your custom app to a test Blueprint.

            3. Select Audit and Enforce as the execution frequency.

            4. Paste the following Audit Script.
              (No modifications needed.)

              #!/bin/bash

              #Searching for application via the appPath listed below
              installer="SentinelOne Installer"
              appPath="/Library/Sentinel/sentinel-agent.bundle/Contents/MacOS/SentinelAgent.app/"

              if [[ -e $appPath ]]; then
              echo "$appPath was found. Exiting…"
              exit 0
              else
              echo "$appPath was not found, running $installer"
              exit 1
              fi

            5. Under Install Details, choose ZIP File.

              1. Compress the SentinelOneInstaller.pkg, you downloaded from S1 into a zip file and upload it to Kandji.

            6. For the Unzip Location, input: /var/tmp

            7. Paste the following Pre-Install Script.
              (Update TokenHere with Enterprise Token, place the enterprise token within single quotes).

              #!/bin/sh

              ## Ensure you update the TokenHere below with the Token provided by SentinelOne.

              echo 'TOKEN_HERE' > /var/tmp/"com.sentinelone.registration-token"

            8. Upload the SentinelOne ZIP file.

            9. Paste the following Post-Install Script.
              (Update SentinelOneInstaller.pkg with pkg name that was downloaded prior to compressing it in step 5.a, for example: SentinelOneInstallerVersionxx.xx_xxx.pkg).

              #!/bin/sh

              ## Ensure you update the .pkg name below to properly reflect the proper package name as it was downloaded from SentinelOne.

              /usr/sbin/installer -pkg /var/tmp/SentinelOneInstaller.pkg -target /

            10. Click Save.


            Preview
            0 of 0