Installation Process - Silent

Downloading the macOS Installation Package

In the case of macOS, the dope.endpoint has one universal installation package that supports:

• Apple Intel • Apple Silicon (Native)

This page is for a device where a Mobile Device Management (MDM) profile has not been installed. To install on a device with an MDM profile installed see Installing using MDM on Mac

Select the installer package for your device

After selecting the installation package you require, a ZIP file will be downloaded to your device. The ZIP file will be called dope_security_mac_<processor type>_<build number>.zip

The ZIP file will contain the following three files:

  •<build number>.pkg — The dope.endpoint installer.

  • — The Root CA, required for SSL inspection.

  • agent_parameters.json — Tenant-specific data required for the installation process.

All three files must be in the same directory or the installation will FAIL.

To install the dope.endpoint go to a terminal and enter the following command:

sudo installer -pkg<build number>-<process type>.pkg -target /

Running this command will kick off the installation process but with no UI. There will be a prompt to allow the installation to start:

There will be a prompt to allow the Root CA to be installed:

The final prompt is to allow the application to run. There's a prompt to open the macOS security and preferences settings:

Open the security preferences dialog box. Run the application:

All of the prompts above will not appear on a device where a MDM profile has been installed. For more details see Installing using MDM on Mac.

When the dope.endpoint has been successfully installed, and endpoint authentication has been enabled (see: Users), one of these dialogs will be displayed prompting you to login via either your Google or Microsoft O365 corporate email.

Log in with the appropriate corporate email address.

Multi Factor Authentication (MFA) will also be required if enabled

Once the user has successfully authenticated, the dope.endpoint will be configured with the dope policy you have assigned them in the dope.console. If you have not assigned them a specific policy, they will automatically be assigned the Base Policy.

Where endpoint authentication has not been enabled (see: Users) the user will not be prompted to authenticate and will get the Base Policy.

Last updated