+1
Pending Review

Remote deployment of Automate and Screenconnect Agent on MacOS

AustinS 5 months ago updated 5 months ago 2

Currently, the package to deploy the Automate and Screenconnect agents does not install correctly on macOS machines if attempted via remote deployment. The only way to correctly install agents on macOS devices is manually. However, this method is neither feasible nor practical for an MSP when managing numerous end devices worldwide.

The major issues are:

- The currently available macOS package comes in two parts: LTSvc.mpkg and config.sh. This is not a suitable solution for deployment using third-party MDMs or tools.

The workaround for this issue is to convert the package into a .dmg file. However, this still leaves another issue with Screenconnect.


-  The Screenconnect agent is not installed as part of the .dmg file. The primary reason for this is that the Screenconnect component of the agent is not a 'signed' package. Consequently, macOS security does not allow the installation. 


- You cannot upload the 'Screenconnect installer' to any MDM solution as it is not a 'signed' package.


- Additionally, the ScreenRecording and Accessibility permission should get enabled as part of the installation on MacOS systems as part of the agent installation.


There are more details and information discussed with your support teams under the following tickets, which you can review for more information:


ConnectWise Case #02257957

ConnectWise Case #02027339

I can't speak to Automate but I am pushing out the ScreenConnect .pkg just fine with Microsoft Intune. Accessibility permissions are controlled with a post-install script.

+1

Hi Brian,


Are you able to enable 'Screen Recording' permissions as well through any post-install script? 

Accessibility permissions I'm able to control via pushing the profile configuration settings, but 'Screen Recording' permission is an issue.

Thanks.