How To 
Home » Features »

How To 

How to deploy SentinelOne on macOS devices using Endpoint Central?

This document will guide you through the steps involved in deploying Sentinelone to multiple computers running Mac operating system using Endpoint Central's Software Deployment feature.

Table of Contents

  1. Prerequisites
  2. Create the Package
  3. Deploy to the target computers
  4. Upgrading SentinelOne Software

Prerequisites

Mac devices must be enrolled in MDM because configuration profiles, an MDM payload which is used to manage settings and permissions, can only be deployed to enrolled devices. This is essential for remotely installing the  SentinelOne and applying the necessary permissions, including PPPC(Privacy Preferences Policy Control), Web Content Filter, and System Extension configurations.

Before you install the SentinelOne on macOS devices, deploying PPPC, Web Content Filter and System Extensions configurations is essential. You can deploy them as a single configuration as a Custom Configuration Profile

If your Mac is not enrolled, refer to this link to complete the MDM enrollment process

Note: Kindly ensure that these configurations are successfully deployed on the end machines before deploying the SentinelOne.

Custom Configuration Profile

Follow the steps below steps to deploy the Custom Configuration Profile. This profile includes the necessary permissions for macOS, such as PPPC, System Extensions, Network/Web Content Filters.

    Mac Custom Configuration Navigation

  1. In the Endpoint Central console navigate to Configurations > Configuration > Mac > Custom Configurations Computer Configurations.

    Mac Custom Configuration Console view

  2. Specify a Name and Description for the configuration.
  3. Download the custom configuration profile in the .mobileconfig format and upload this file in the Custom Configuration profile field using the Browse option.
  4. Define the Target computers to which you are deploying the SentinelOne.
  5. Enable the Execution Settings if required.
  6. Click Deploy/Deploy Immediately to deploy your configuration.

Package Creation for SentinelOne

Follow the below steps to create the manual package:

  1. Download the SentinelOne installer package for macOS from your SentinelOne management portal.

    Manual Mac Package Creation Navigation

  2. In the Endpoint Central Console, navigate to Software Deployment tab > Package Creation > Packages > Add Package > Mac.

    SentinelOne Software Package Creation

  3. Enter a name for your package in the Package Name field.
  4. Provide appropriate license type for the software under License Type.
  5. Under Installation, upload the following:
    1. The file registration token file named com.sentinelone.registration-token
    2. The SentinelOne installer package file. Example file name: Sentinel-Release-23-4-1-7125.pkg
  6. Under the Advanced Options, provide the below commands in the Installation Command field.

    sudo cp com.sentinelone.registration-token /tmp && sudo installer -pkg "./[SentinelOne Package File Name].pkg" -target /

    For example,

    sudo cp com.sentinelone.registration-token /tmp && sudo installer -pkg "./Sentinel-Release-23-4-1-7125.pkg" -target /

    Kindly note that the SentinelOne package file name should be replaced with the installer file downloaded by you in the above given command.

     

  7. Click Add Package to create your package.
  8. You can view the created package under Packages.

Deploy SentinelOne to Target Computers

  1. Under Packages, select the package created and click on Install/Uninstall Software > Mac > Computer Configuration
  2. Configure the Deployment Policies, as per your requirement.
  3. Define the Target computers to which you are deploying SentinelOne application.
  4. Configure Execution Settings, as per your requirement.
  5. Select Enable notifications and Scheduler settings as per your requirements.
  6. Click Deploy/Deploy Immediately to deploy the SentinelOne application.

Upgrading SentinelOne Software

To update the SentinelOne software for macOS follow the below steps:
  1. Create a software package using the SentinelOne upgrader package
  2. Under the Advanced Options, provide the below commands in the Installation Command field.

    sudo /usr/local/bin/sentinelctl upgrade-pkg "./[package file name].pkg"

    For example,

    sudo /usr/local/bin/sentinelctl upgrade-pkg "./Sentinel-Release-25-1-2-8039_macos_v25_1_2_8039.pkg"

    Kindly ensure to provide the correct .pkg file name in the installation command.

  3. After creating the SentinelOne upgradation package, deploy it to the target computers.

Trusted by