12-03-2020 02:05 PM
Hi all,
We're trying to bring our few Macs into the systems management fold, and being a Microsoft shop we want to use InTune to manage them.
Most Mac packages install files and then are configured in a separate set of commands after install. The XDR Mac client needs the config.xml file in place beside the Cortex XDR.pkg file when installing. I've tried creating a package (using the 'Packages' app) with the xml and pkg files in it and then running a postinstall script as part of that package to kick off the Cortext install using 'installer' as a bash command - but although the files get deployed the Coretex client never gets installed.
Am I going about this the wrong way? Is there a way of modifying the Coretex XDR.pkg file to embed the Config.xml bits inside it so I can just deploy that package directly?
Has anyone successfully deployed this client using InTune?
Any help would be gratefully received.
Mark.
10-01-2025 09:04 PM
So a little more details from my research. Since the script posted by poliveira didn't work (no offense) as a post install script, I added this same script as just a script and includes some lines to check to see of Cortex XDR was already running as a process before executing. But in this mode, the error report in the InTune dashboard for this script is "Run cytool as sudo!". Since in this mode sudo requires authentication with a password, I cannot run it this way as we do not use standard local admin passwords as this password is setup by the Intune process and is random. When I add the sudo -S option to run the cytool program the script attempts to use the "echo Password1" as the sudo password which is not correct. As I understand the setup of the above script the "echo Password1" is intended to be the PW submitted to cytool to be able to force the reconnect.
So, so far, i'm stuck. Any advice? or if I need to provide more details please let me know? As you understand the whole process of using intune to install Cortex XDR is I cannot really depend on the end user doing this themselves.
10-02-2025 08:13 AM
Hi, me again,
As we say in the US, sometimes just talking your problem out loud will lead you to a solution.
So I found an odd article on the internet (a wonderful support tool) that in my intune script I needed to disabled "Run script as signed-in user" which was on by default.
Once I turned that function off then the script I referred to as "poliveira's script" executed and my connect link was configured in Cortex XDR.
So I thank you for your patience and my next research trip will be to see if there's a way to preconfigure the other settings needed by Cortex XDR such in the security and privacy settings screen.
Onward and Upward!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
