Comment on page
Below instructs the use of JAMF to ease installation of the endpoint and any prerequisites. Using JAMF eliminates manual steps needed on Mac to trust the Certificate and accept permissions for our system extension.
- 1.Root Certificate - for trusting the on-device SSL inspection
- 2.Network Extension Permission - for re-routing traffic to the on-device proxy
- 3.VPN Permission - for re-routing traffic to the on-device proxy
- 4.Privacy Preferences Permission - for anti-tampering
You can validate that the 4 payloads are configured
After uploading it to JAMF, you will have the full profile available to target and deploy to devices.
Take your new profile scope, click Scope, and target it to your endpoints:
An screenshot sample of deploying to targets
Add the target machines you want to distribute to.
The profile should have 4 items (certificate, system extension, vpn, and privacy preferences):
All 4 permissions are now on the device. This screen looks slightly different on Mac12
You can also validate the certificate is marked as Always Trust on Keychain Access
Create a JAMF policy with the installation
.pkg(It's a universal binary that supports Intel & Arm)
Directly upload the .zip to JAMF. Scope the target machines you want to send to and send. The target machines should now pick up and install the dope.security package and require no manual intervention.
The next step on the target machines will be to authenticate using Google or O365.