Agent configuration for Mac devices

Ivanti® Endpoint Manager uses agent configurations to gain control of devices and manage them. For Mac devices, these configurations are pushed to unmanaged devices using the same process used to push agents to Windows devices.

The Default Mac Configuration package contains the required agent for controlling Mac devices. To use this functionality, create a Mac agent configuration and then deploy the agent to your Mac devices.

After the agents have been installed, your Mac devices become managed devices. Then you can create custom configurations to have greater control of these devices.

Deploying agents to Mac devices that use Secure Shell (SSH)

To place agents on Mac devices that have Secure Shell (SSH) turned on, you must specify the SSH login credentials for the unmanaged Mac devices by selecting Configure > Services > Scheduler > Change Login from the Windows console. You can then use the same push-based agent deployment you would use for Windows devices.

Deploying and installing agents on Mac devices that do not use Secure Shell (SSH)

To place agents on Mac devices that do not have Secure Shell (SSH) turned on, you will need to decide on an alternate deployment method, such as:

  • Accessing the agent from LDLogon/Mac using a Web browser and e-mailing the configuration package to users.
  • Putting the configuration package on a USB drive or other removable media and taking it to each Mac device.

Deploying agent configurations for Mac devices

Use the Agent configuration tool to create and update (replace) custom configurations for your Mac devices. You can create different configurations for your specific needs, such as changing inventory scanner settings, remote control permissions, or what network protocols the agents use.

In order to push a configuration to devices, you need to create or update an agent configuration and then schedule the task.

Create or update the agent configuration

Set up specific configurations for your devices. Don't use parentheses in your Mac agent configuration names. Parentheses in the name will cause the deployment task to fail. Once you've deployed an agent configuration, you can use agent settings to update that configuration without having to redeploy the full configuration.

To create an agent configuration for Mac devices
  1. Click Tools > Configuration > Agent configuration.
  2. Select a configuration group (My configurations or Public configurations). On the toolbar, click the New agent configuration button > New Mac agent configuration.
  3. Complete the options in the Agent configuration dialog box. For more information, click Help.
  4. Click Save.
To schedule an agent configuration for Mac devices
  1. Click Tools > Configuration > Agent configuration.
  2. Right-click the agent configuration to be scheduled and select Schedule agent deployment.
  3. From the network view, drag devices, groups, or queries onto the task to target devices for the task.
  4. Select the task, click the Properties button on the toolbar, and schedule a time to start the task.
To update an agent configuration with a change settings task
  1. Follow the instructions here: Create change settings tasks.
Manually running agent configurations for Mac devices

You can manually run agent configurations for Mac devices once they have been created or updated. When you create an agent configuration, the following file is created in the LDLogon/Mac folder on your core server:

  • <agent configuration name>.dmg

The LDLogon/Mac folder is a Web share and should be accessible from any browser. Follow the instructions for installing the agent (see Manually running agent configurations for Mac devices), but insert your agent configuration file name instead of the default file name.