Team: Huntress Managed Endpoint Detection and Response
Product: Microsoft Intune
Environment: macOS
Summary: Automated Huntress Agent deployment via Intune for macOS using a mobileconfig file and an installation script.
It is imperative that the mobileconfig file be successfully applied to the macOS endpoint(s) before pushing the installation script.
Microsoft Intune is a complex and powerful tool for managing endpoints and mobile devices. This guide uses basic settings to deploy the Huntress Agent on macOS devices. Your specific Intune setup may require tweaking or changes. Huntress Support is not able to perform advanced Intune troubleshooting. Please consult the Microsoft documentation or their support channels for Intune assistance.
Getting Started
- Download our mobileconfig file by accessing the link and clicking "Download raw file"
- Download our Bash installation script by accessing the link and clicking "Download raw file"
Installing the mobileconfig file
The mobileconfig profile must be successfully deployed to the endpoint(s) before installing the Huntress Agent.
The mobileconfig profile is what allows for a silent installation of the Huntress Agent on your macOS endpoints without being visible to the end user. This Intune policy bundles the Full Disk Access (FDA) permission and the approvals needed for the Agent, the system extension, and the network content filter.
Access the Microsoft Intune Admin Center:
- Navigate to Devices > macOS > Manage Devices > Configuration
From Configuration:
- Create Policy > New Policy > Templates > Select "Custom" > Click Create
- Add a Name and Description > Click Next
Configuration Settings:
- Add the Custom Configuration Profile Name
- Deployment Channel should be "Device Channel"
- Configuration Profile File > Upload the mobileconfig file that you downloaded earlier
- Click Next
Assignments:
- Select the Group(s), User(s), or Device(s) that you want this Configuration applied to
- Click Next
Review & Create:
- Review the Configuration and make sure everything is accurate
- Click Create
Confirming the Custom Configuration Profile Has Been Applied:
After the Configuration Policy has been created, return to Devices > macOS > Configuration and click on the policy.
Clicking on the policy will allow you to view the Device and User Check-in Status to determine whether or not the Configuration Profile has been applied.
- The Device and User Check-in Status can take up to 20 minutes to update and accurately reflect the Configuration Profile status
- Rebooting the endpoint can help expedite the Configuration Profile application
If you have access to the endpoint, you can confirm the presence of the Huntress mobileconfig manually:
- Click the Apple Icon (top left corner of your screen) > System Settings > General > Device Management
- The Huntress mobileconfig will show up in this list if it has been applied to the machine
The Huntress mobileconfig should include the following information:
- Huntress PPPC for FDA and System Extension
- Content Filter Service
- Login Items Policy
- Privacy Preferences Policy Control
- System Extension Policy Control
Once the Huntress mobileconfig policy has been successfully applied to the endpoint(s), you can proceed to the next phase and install the Huntress Agent.
Installing the Huntress Agent via Intune Script
If you've made it this far and have not installed the Huntress mobileconfig file, please stop what you're doing and return to the previous section.
Create Your Installation Script:
- Navigate to Devices > macOS > Managed Devices > Scripts
- Click Add
- Give your script a name and description
- Click Next
Add Script:
When creating or editing our Bash scripts, ensure the file is saved with UTF-8 encoding and Unix (LF) line endings to prevent script errors caused by unsupported characters. This is especially true when using text editors on Windows, as most Windows applications will save with Windows (CRLF) line endings, which will cause the macOS script to fail.
- If you haven't already, download the Huntress Installation Bash script by accessing the link and clicking "Download raw file"
- Open the Bash script within your favorite text editor
- Add your Account Key to Line 43
- Add your Org Key to Line 47
- Save
- Upload your Bash script
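The encoding problems described above can be caught before upload. The following is an added example, not part of the Huntress installation script or the original guide: it checks an edited script for CRLF line endings, a UTF-8 byte order mark, a missing interpreter line, invalid UTF-8 bytes, and syntax errors. The names `check_script` and `demo` are hypothetical, and the sample files are constructed.

```shell
#!/bin/bash
# Added example (not Huntress code): pre-upload check for the edited script.
# check_script FILE -> prints findings; returns 0 if clean, 1 otherwise.
check_script() {
    local f="$1" rc=0 cr
    cr=$(printf '\r')
    [ -f "$f" ] || { echo "FAIL: no such file: $f"; return 1; }

    # CRLF endings: the stray \r becomes part of the interpreter path and commands.
    if grep -q "$cr" "$f"; then
        echo "FAIL: carriage returns found (Windows CRLF line endings)"; rc=1
    fi
    # UTF-8 byte order mark: the file no longer starts with '#!'.
    if [ "$(head -c 3 "$f" | od -An -tx1 | tr -d ' \n')" = "efbbbf" ]; then
        echo "FAIL: UTF-8 BOM at start of file"; rc=1
    fi
    # The first line should name the interpreter.
    case "$(head -n 1 "$f")" in
        '#!'*) ;;
        *) echo "FAIL: first line is not a #! interpreter line"; rc=1 ;;
    esac
    # Bytes that are not valid UTF-8 (checked only when iconv is installed).
    if command -v iconv >/dev/null 2>&1 &&
       ! iconv -f UTF-8 -t UTF-8 "$f" >/dev/null 2>&1; then
        echo "FAIL: file is not valid UTF-8"; rc=1
    fi
    # Parse without executing; only meaningful once the checks above pass.
    if [ "$rc" -eq 0 ] && command -v bash >/dev/null 2>&1 &&
       ! bash -n "$f" 2>/dev/null; then
        echo "FAIL: bash -n reports a syntax error"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $f"
    return "$rc"
}

# Constructed samples: one clean script, one saved with CRLF line endings.
demo() {
    local d
    d=$(mktemp -d)
    printf '#!/bin/bash\necho "install"\n' > "$d/clean.sh"
    printf '#!/bin/bash\r\necho "install"\r\n' > "$d/crlf.sh"
    check_script "$d/clean.sh"
    check_script "$d/crlf.sh" || echo "-> convert to LF before uploading"
    rm -rf "$d"
}
demo
```

Run `check_script` against the edited installation script after adding the Account Key and Org Key, and upload only when it prints `OK`.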
Script Settings:
- "Run script as signed-in user" should be set to "No", because we want the script to run as root
- The remaining three configuration items can be whatever you'd like
- Choose Not configured (default) to run a script only once. Scripts with a frequency set will also run after a device restart
Assignments:
- Select the Group(s), User(s), or Device(s) that you want this Installation Script applied to
- Click Next
Review & Add:
- Make sure everything is accurate
- Click Add
Checking On the Script Installation Status:
Checking Intune Status:
The newly added script should run within the next few minutes. However, the Intune Dashboard may take up to 20 minutes to accurately reflect the status. Rebooting the endpoint can expedite the script installation process.
To check the script installation status:
- Return to Devices > macOS > Managed Devices > Scripts > Click on the Huntress Agent Installation script for more details
If the script has been run successfully, the Huntress Agent should show up in the Huntress Dashboard within a few minutes.
Obtaining the HuntressInstaller.log File to Send to Support:
If ~5-10 minutes have elapsed and you still don't see the Huntress Agent within the Huntress Dashboard, you will need to review the HuntressInstaller.log file on the endpoint to gather more information.
Open Terminal on the endpoint, and input the following command to access the location where HuntressInstaller.log is located:
cd /Users/Shared
To view the contents of HuntressInstaller.log, input the following command within Terminal:
cat HuntressInstaller.log
Please share the contents of the HuntressInstaller.log file with our Product Support team, and we'll work together to address any issues.
Additional information can be found within this Microsoft Support article.