JumpCloud Community

Fulgubbe · ‎04-25-2022

Here are two install scripts to install SentinelOne Agent with token on Mac and Linux. Run once a day or so. If installed it will exit installer. Mac version can also be used as a PostInstall script in an empty .pkg if you want to utilize Software Management instead.

We use dropbox to store downloads but if you do remember to change download link to ?dl=1 instead of ?dl=0

Mac Script:

#!/bin/bash

sentinelToken="YOUR SENTINELONE TOKEN GOES HERE"
downloadLink="YOUR DOWNLOAD LINK GOES HERE"
pkgName="NAME OF YOUR INSTALLER PKG.pkg"

#You can put the installer on dropbox or where you prefer.

if [ -d /Applications/SentinelOne/ ];
then
  echo "Already Installed"
  exit 0
else

#Download Agent
curl -L -o /tmp/$pkgName $downloadLink

#Set Token
echo $sentinelToken > /tmp/com.sentinelone.registration-token

#Install Agent
/usr/sbin/installer -pkg /tmp/$pkgName -target /
fi

Linux:

#!/bin/bash

sentinelToken="YOUR SENTINELONE TOKEN GOES HERE"
downloadLink="YOUR DOWNLOAD LINK GOES HERE"
pkgName="NAME OF YOUR INSTALLER PKG.deb"

#You can put the installer on dropbox or where you prefer.

if [ -d "/opt/sentinelone/" ];
then 
	echo "Already Installed"
  exit 0
else

cd /tmp

#Download Agent
curl -L -o $pkgName $downloadLink

#Install Agent
chmod +x $pkgName
dpkg -i $pkgName

#Set Token
/opt/sentinelone/bin/sentinelctl management token set $sentinelToken

#Start Agent
/opt/sentinelone/bin/sentinelctl control start

fi

Fulgubbe · ‎04-25-2022

Btw you also need a custom PPPC profile for Macs.

Here is the XML for Agent version 21.7 and Later

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		<dict>
			<key>PayloadDescription</key>
			<string></string>
			<key>PayloadDisplayName</key>
			<string>Privacy Preferences Policy Control</string>
			<key>PayloadIdentifier</key>
			<string>236FFBB3-159D-4A5F-B146-AAA7BBA11FF0</string>
			<key>PayloadOrganization</key>
			<string>Your Company</string>
			<key>PayloadType</key>
			<string>com.apple.TCC.configuration-profile-policy</string>
			<key>PayloadUUID</key>
			<string>236FFBB3-159D-4A5F-B146-AAA7BBA11FF0</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Services</key>
			<dict>
				<key>SystemPolicyAllFiles</key>
				<array>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.sentinelone.sentineld" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
						<key>Identifier</key>
						<string>com.sentinelone.sentineld</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>0</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.sentinelone.sentineld-helper" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
						<key>Identifier</key>
						<string>com.sentinelone.sentineld-helper</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>0</integer>
					</dict>
					<dict>
						<key>Allowed</key>
						<integer>1</integer>
						<key>CodeRequirement</key>
						<string>anchor apple generic and identifier "com.sentinelone.sentineld-shell" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>

						<key>Identifier</key>
						<string>com.sentinelone.sentineld-shell</string>
						<key>IdentifierType</key>
						<string>bundleID</string>
						<key>StaticCode</key>
						<integer>0</integer>
					</dict>
				</array>
			</dict>
		</dict>
	</array>
	<key>PayloadDescription</key>
	<string>Provides access to all disk to Sentinel One processes</string>
	<key>PayloadDisplayName</key>
	<string>SentinelOne - Privacy Control</string>
	<key>PayloadIdentifier</key>
	<string>0F7D9FAD-1257-402C-A942-354723513881</string>
	<key>PayloadOrganization</key>
	<string>Sentinel Labs, Inc.</string>
	<key>PayloadRemovalDisallowed</key>
	<true/>
	<key>PayloadScope</key>
	<string>System</string>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>5961E10D-A589-4A7E-9790-8F1C55511014</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

m1 · ‎06-30-2022

can you share instractions how to use it from jupcmloud

soulhipjafunk · ‎07-06-2022

Yes this would be very helpful if possible.

TomBridge · ‎07-09-2022

Save the XML above into a file called SentinelOnePPPC.mobileconfig.
Login to the JumpCloud Admin Portal.
Click Policy Management.
Click the Green +
Select macOS from the policy types.
Select MDM Custom Configuration Policy.
Upload this file in the custom section.
Apply this policy to your designed scope.

jeff-codecov · ‎06-21-2022

Works perfect, thanks @Fulgubbe !

JumpCloud Community

SentinelOne Command install Script Mac + Linux