Use this procedure to upgrade your App Control macOS Agent by using Jamf Pro.

Prerequisites

This procedure assumes you have already deployed the App Control macOS Agent.

Procedure

  1. Download the DMG file you require. To do this, complete these steps:
    1. In the console menu, click Rules > Policies. The Policies page displays, with a message and link at the top for downloading Carbon Black App Control software.
    2. On the Policies page, click the download link at the top of the page.
    3. On the Download Carbon Black App Control Agent Install Packages page, click Install Package for the relevant DMG file you require, such as APC-5nnnn-xxxxx-mac.dmg.
      The DMG file is downloaded to the Desktop location.
    4. On the Desktop, open the DMG file, and click on the mounted PKG file. View all hidden files and ensure server.conf, config.xml, and the PKG file are displayed.
  2. Prepare the agent upgrade folder. To do this, complete these steps:
    1. In Terminal, go to the /private/tmp folder, and create the agent_upgrade folder.
    2. Open the agent_upgrade folder, and copy into it the three files: server.conf, config.xml, and the PKG file.
    3. Copy the upgrade.sh file from the Desktop into the agent_upgrade folder.
  3. Verify the upgrade.sh file. On the Desktop, open the upgrade.sh file, and verify its contents, such as in the following sample. Ensure that the correct password is shown; it is required to disable and enable Tamper Protection. 
    sudo /Applications/Bit9/Tools/b9cli --password xxxxxx
sudo /Applications/Bit9/Tools/b9cli --tamperprotect 0
sudo /Applications/Bit9/Tools/b9cli installer -pkg /private/tmp/agent_upgrade/Install\ Bit9\ Security\ Platform.pkg -target /Applications/
sudo /Applications/Bit9/Tools/b9cli --password xxxxxx
sudo /Applications/Bit9/Tools/b9cli --tamperprotect 1
  4. Give execution permission for the upgrade.sh file. To do this, complete these steps:
    1. In Terminal, go to the agent_upgrade folder.
    2. Enter the command chmod +x upgrade.sh.
  5. Create a DMG file that is compatible with the Jamf server. To do this, complete these steps:
    1. Open Jamf Composer, copy the agent_upgrade folder from the tmp folder, and place it under SOURCES on the left in Composer.
    2. To see the list of files, navigate to private>tmp>agent_upgrade. The following files are shown: server.conf, config.xml, the PKG file, and the upgrade.sh file.
    3. With agent_upgrade selected under SOURCES, click Build as DMG, select the target location, and click Save. A progress window shows the status of the DMG file that is being built.
      When the package is built, agent_upgrade.dmg is listed under PACKAGES on the left in Composer.
    4. Click on the agent_upgrade.dmg package to view details, such as its location under Desktop.
    5. To verify the agent_upgrade.dmg package details, in the Desktop location in Finder, click agent_upgrade.dmg.
  6. Upload the agent_upgrade.dmg file to the Jamf server. To do this, complete these steps:
    1. Log in to the Jamf server using the Jamf Admin user ID.
    2. Copy the agent_upgrade.dmg file from the Desktop location and paste it into the Packages repository.
  7. Create a policy and perform the upgrade. To create a policy with the appropriate settings and perform the upgrade, complete these steps:
    1. Log in to your Jamf browser.
    2. Under Computers, click Policies, and click New.
    3. Under Options, in the General section, specify a display name, such as Upgrade APPC Agent. Click Enabled, select appc for Category, and check Recurring Check-in for Trigger. Optionally, select Automatically re-run policy on failure, and specify the number of retry attempts.
    4. Under Options, click Packages, and click the + (plus) button. In the list of available packages on the Jamf server, click Add next to the agent_upgrade.dmg package you already uploaded.
    5. Under Options, in the Packages section, with the agent_upgrade.dmg package added, in the Action dropdown, click Install. Ensure all three options are selected: Fill user templates (FUT), Fill existing user home directories (FEU), and Update Autorun data.
    6. Under Options, click Files and Processes, and for the Execute Command field, specify the full script file path and the execution command, for example, sudo sh /private/tmp/agent_upgrade/upgrade.sh.
    7. Under Scope, ensure you add your list of devices which require the agent upgrade. These are listed under Selected Deployment Targets.
    8. Ensure all your settings are correct before continuing to the next step to save the policy.
      Important: When you save your policy in the next step, the agent upgrade is performed.
    9. To save your policy, which will also perform the agent upgrade, click Save.
      The agent upgrade is performed.
    10. Click Logs, and check the execution status in the Status column. For example, the status may be Pending or Completed.
    11. When the status is Completed, click Details, and verify the list of steps performed to ensure each step completed without any issue.

Results

The App Control macOS Agent is upgraded.