Cylance Privacy Preferences Policy Control and Tokenizer, Activation Script

macOS Mojave introduced a security feature that allows third-party applications to access protected user data. Cylance recommends that customers running macOS Mojave and later allow the Full Disk Access permission for all Cylance Smart Antivirus services. Not enabling Full Disk Access could affect agent functions such as Background Threat Detection and Memory Protection.

Administrators can use one of the following methods to ensure that the Cylance Smart Antivirus services have the full disk access they need:

Create a Privacy Preferences Policy Control profile
Create a manual exception

Link:
https://support.blackberry.com/pkb/s/article/67335

Activate Cylance

#remove old version of Cylance if exists
/Applications/Cylance/Uninstall\ CylancePROTECT.app/Contents/MacOS/Uninstall\ CylancePROTECT --noui --password=supersecret
sleep 15
#install latest Cylance version with install token
echo rfgsergsefgsfgsdfg > /private/tmp/Cylance/cyagent_install_token 
installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target / -verbose
rm /private/tmp/Cylance/cyagent_install_token

#!/bin/sh
#####
# Installs Cylance along with the token. You enter the token as variable $4 in Jamf
#####
# version 1.1
# Created by Nathan Beranger, January 2018
#####
# Revision notes:
#
# 1.1 - cleaned up syntax and commenting throughout
# - added log output to TGAM-Jamf.log
####
## Assign today's date and time, and name of script for logging purposes
DATE=$(date '+%Y-%m-%d %H:%M')
SCRIPTNAME="Install Cylance with Token"
#####
# Send all output to /private/var/tmp/TGAM-Jamf.log. Using >> instead of > will
# append output to file instead of overwritting existing file.
#####
# Saves file descriptors 1 (stdout) to 3, and 2 (stderr) to 4,
# so they can be restored to whatever they were before
exec 3>&1 4>&2
# Restore file descriptors for particular signals
trap 'exec 2>&4 1>&3' 0 1 2 3
# Redirect 1 (stdout) to 'TGAM-Jamf.log' then redirect 2 (stderr) to 1 (stdout)
exec 1>>/private/var/tmp/YourName-Jamf.log 2>&1
echo "---------------------------------------------------"
echo "$DATE"" | ""$SCRIPTNAME"
echo "---------------------------------------------------"
## Create cylance token file
cd /Users/Shared/CylancePROTECT/ || exit
echo "$4" >cyagent_install_token
## Run the Cylance installer, using the token file that was created above
installer -pkg /Users/Shared/CylancePROTECT/CylancePROTECT_"$5".pkg -target /
## Clean up the files now that the application has been installed
rm -R /Users/Shared/CylancePROTECT
exit 0

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *