Configuring a macOS script policy on Ivanti EPMM
Create a policy for the macOS shell scripts you intend to run on macOS devices. The macOS script policy includes the root certificate used to sign your scripts. [email protected] for macOS uses the certificate to validate the scripts before running them.
Procedure
- Select Policies & Configs > Policies.
- On the Policies page, select Add New.
- Select iOS and macOS > macOS Only > [email protected] macOS Script.
-
In the Add [email protected] macOS Script Policy dialog box, add the root certificate for your macOS shell script, as described in Exporting the CA public key certificate for your macOS scripts.
Item
Description
Name
Enter a name for the policy.
Status
Select the relevant radio button to indicate whether the policy is Active or Inactive.
Only one active policy can be applied to a device.
Priority
Specifies the priority of this policy relative to the other custom policies of the same type. This priority determines which policy is applied if more than one policy is available.
Select Higher than or Lower than, then select an existing policy from the drop-down list.
For example, to give Policy A a higher priority than Policy B, you would select “Higher than” and “Policy B”.
Description
Enter an explanation of the purpose of this policy.
Upload Public Key
Upload the .pem certificate file to the script policy.
Public Key
Once uploaded, the public key displays here.
Max Response Size (in KB)
Enter the maximum response size for any macOS scripts you run on devices. The maximum response size limits the size of data [email protected] for macOS returns to Ivanti EPMM after running a script. This is the stdout or stderr data that is returned when running a macOS script.
- Select Save.
- Select the policy you just created, and apply it to the relevant labels.