Prerequisites and general guidelines

Prerequisites

 

Ivanti Automation

macOS

Account

  • Administrator rights to access and add files on the target computer
  • Administrator rights to access and install software on the target computer

The Agent macOS has been tested on the above mentioned Operating System. It may also work on other Operating Systems that support the use of the installation packages.

Use “./resamad --help” or “./resamad -h” to get help content. Use “./resamad –version” to see the agent version.

SUDO mode

The SUDO mode allows the Unix, Linux, or macOS agent to run as a non-root account. The only prerequisite is to have that user added as a passwordless user in the sudoers file.

To support this, a new switch has been added to the agent configuration command line: -u<user UID number>. For example:

./resamad -ddDISPATCHER.COMPANY.COM -u1000 -t"My Team"

No change is needed in the current modules/projects/runbooks. If there are no security credentials present in the execute command task, the agent will elevate to root and after the script is executed, will revert to the user running the resamad process.

Network

When using multicast in your Ivanti Automation environment, port 3163 needs to be open on the machine running the Agent for macOS.

For example, you can do this by adjusting the firewall settings using iptables:

  • iptables -A INPUT -m udp -p udp --dport 3163 -j ACCEPT
  • iptables -A INPUT -m tcp -p tcp --dport 3163 -j ACCEPT

After activating the firewall rules, the Agent for Unix/Linux can be configured with:

/usr/local/bin/resamad -dd<Dispatcher IP or hostname> -t<team name>

The AddToTeam switch (-t) can be useful when you want the agent to automatically get its settings from a specific primary team. Multiple teams can be specified: -t"Linux Team1;Linux Team2; Linux Team3"