09-14-2022 01:08 PM
Guys, how are you?
If I may, I use S1 and all the procedures you posted here worked in my organization.
But I'm having trouble deploying another custom PPPC to a platform called Netskope.
I've already tried to modify the file above and also create a new profile with the Amazing Profile Editor.
I found it here on how to Deploy in JAMF, but as we are from the JUMPCLOUD team 😄 I really don't understand how to adjust to our Profile.
I'm having difficulty attaching images and PDF how can I attach the content?
09-14-2022 01:13 PM - edited 09-14-2022 01:15 PM
Below are the values you will need to enter in your MDM system if you are not using JAMF:
App ID: com.netskope.client.Netskope-Client
App Proxy extension bundle ID: com.netskope.client.Netskope-Client.NetskopeClientMacAppProxy
Signing Certificate:
Developer ID Application: netSkope, Inc. (24W52P9M7W)
Team ID: 24W52P9M7W
System Extension type: NetworkExtension
There are two more things that administrator needs to do on the MDM in order to successfully deploy Netskope Client on macOS 11+. The first thing is to download your tenant-specific Root CA and Intermediate CA from your Netskope tenant and distribute them to Big Sur endpoints via MDM. This part is necessary to ensure that Big Sur endpoints trust your Netskope certificates for the purpose of SSL inspection.
The second thing is deployment of a preconfigured VPN profile with approval payload. This will suppress the manual Proxy approval windows by the end-user and allow for no interaction with the end user to successfully install the client.
Since each MDM is different, here are the key values that need to be entered in the VPN profile that needs to be pushed:
Connection Name: Any
VPN Type: Custom SSL VPN
Server: gateway-<yourtenantname>.goskope.com
Identifier: com.netskope.client.Netskope-Client
Provider Designated Requirement: anchor apple generic and identifier"com.netskope.client.Netskope-Client" and (certificateleaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificateleaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificateleaf[subject.OU] = "24W52P9M7W")
New to the site? Take a look at these additional resources:
Ready to join us? You can register here.