Scribd
Upload
97 views

Installing The macOS Agent

The document provides instructions for installing the SentinelOne macOS agent. It describes downloading the installer package, running the installer using either the command line or an installation wizard, and authorizing necessary permissions for full disk access and network extension.

Uploaded by

Jose Najera
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
97 views

Installing The macOS Agent

The document provides instructions for installing the SentinelOne macOS agent. It describes downloading the installer package, running the installer using either the command line or an installation wizard, and authorizing necessary permissions for full disk access and network extension.

Uploaded by

Jose Najera
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

Installing the macOS Agent

Make sure you have all the requirements before you start the installation.

For macOS Ventura + see: Installing the macOS Agent - macOS Ventura[installing-the-macos-
agent---macos-ventura.html]

Watch: How To Install SentinelOne Kextless Agent.[https://youtu.be/4_XHVWiqjFI]

To install the macOS Agent

1 Get the Site or Group Token

2 Install the Agent using the command line or the Installation Wizard.

3 Authorize Full Disk Access and Network Extension (this must be done locally).

4 Authorize the Bluetooth Low Energy permissions.

5 Upgrading macOS Agents with a Local Upgrade.

 Installing the Agent


[#UUID-410698ed-8ae1-adae-8aee-05d1567233a0_UUID-32dae1a8-67b2-3d0e-74db-
b2c8fdde7a0f_body]

To install the Agent on one macOS endpoint with Command Line:

1 In the Sentinels toolbar, click Packages.

2 Download the latest macOS installer package.


Make sure the scope of the package includes the Site that the Agent will go
to.

Best Practice: Download the file to the local endpoint.

3 Save the Site Token or Group Token in a plain text file in a folder named
/tmp with the Installer package. Name the Token file:
com.sentinelone.registration-token . Change the ownership of the file to
root with sudo chown root .

4 Run the installer:


$ sudo /usr/sbin/installer -pkg Download path/tmp/SentinelXXXX.pkg -target
/

Example:

$ sudo /usr/sbin/installer -pkg Desktop/tmp/SentinelXXXX.pkg -target / 

5 Complete the installation.

If the SentinelOne icon shows "Needs user attention" or the message


"Authorize SentinelOne components in System Preferences".
Authorize Full Disk Access and Network Extension permissions for the
SentinelOne Agent in the System Preferences.

To install the Agent on one macOS endpoint with Installation Wizard:

1 In the Sentinels toolbar, click Packages.

2 Download the latest macOS installer package.


Make sure the scope of the package includes the Site that the Agent will go
to.

Best Practice: Download the file to the local endpoint.

3 Give the Token string to the user (for example, send a message or email
with the Token string).

4 Run the installation package and enter the Token string when prompted in
the installation wizard.

5 Complete the installation.

If the SentinelOne icon shows "Needs user attention" or the message


"Authorize SentinelOne components in System Preferences".
Authorize Full Disk Access and Network Extension permissions for the
SentinelOne Agent in the System Preferences.
 Authorizing Full Disk Access
[#UUID-410698ed-8ae1-adae-8aee-05d1567233a0_UUID-934e2b3e-a2a0-4e81-2b22-
9466742196b0_body]

The macOS (10.15 Catalina and later releases) makes sure that applications are
installed in a secure way. It limits installation only to applications that are
approved by Apple and the user. This change does not let applications access
specified paths (such as Documents, Downloads, and Desktop) without user
consent.

If the SentinelOne icon shows "Needs user attention" or these messages


"Authorize Full-Disk-Access to SentinelOne in System Preferences", "Authorize
SentinelOne components in System Preferences". Approve Full Disk Access for
SentinelOne Apps in the System Preferences.

Important: This is done only once on an endpoint. If already done on the


endpoint, do not repeat it when the Agent is updated. If you do not complete this
prerequisite step, the macOS Agent will not have full visibility to all files from all
users.

Authorize Full Disk Access to these processes:

sentineld

sentineld_helper

For Agents 21.5 and lower, Authorize Full Disk Access to sentinel_shell

For Agents 21.7 and later, Authorize Full Disk Access to sentineld_shell
To Authorize Full Disk Access with MDM:

To grant full disk access in Jamf, see Installing and Upgrading macOS
Agents with Jamf[installing-and-upgrading-macos-agents-with-jamf.html].

To Authorize Full Disk Access on a local computer:

1 On the local computer, open System Preferences.

2 Click Security & Privacy, and select the Privacy tab.


3 Click the lock to make changes.

4 In the left pane, click Full Disk Access.

5 Click the + icon.


6 Press and hold Command+Shift+G at the same time to open the Go to the
folder menu.

7 Enter the path:

/Library/Sentinel/sentinel-agent.bundle/Contents/MacOS/ 

8 Click Go.
9 Select the SentinelOne applications, and click Open:

sentineld.app

sentineld_helper.app

For Agents 21.5 and lower, Authorize Full Disk Access to


sentinel_shell.app

For Agents 21.7 and later, Authorize Full Disk Access to


sentineld_shell.app
Optional: Drag and drop the SentinelOne applications into the Security &
Privacy window.

1. Open a Finder window.

2. Navigate to /Library/Sentinel .

3. Right-click the sentinel-agent.bundle, and select Show Package


Contents.

4. Navigate to the /Contents/MacOS/ folder.

5. Select the required SentinelOne applications, and drag the


applications to the Security & Privacy window.

10 Close System Preferences.

 Authorizing the Network Extension


[#UUID-410698ed-8ae1-adae-8aee-05d1567233a0_UUID-6064d206-ab87-eaee-c263-
f0601ad1da1b_body]

If the SentinelOne icon shows "Needs user attention" or these messages


"Authorize SentinelOne Network Extension in System Preferences", "Authorize
SentinelOne components in System Preferences" you must approve the network
Extension for SentinelOne in the System Preferences.

Do this only one time on every macOS endpoint. If you already approved it, there
is no need to repeat it when the SentinelOne App is updated. If you do not
complete this prerequisite step, your mac will not be fully protected.
If you use Mobile Device Management (MDM) solution to manage your
Endpoints, see:

Installing and Upgrading macOS Agents with Jamf[installing-and-upgrading-


macos-agents-with-jamf.html]

Installing and Upgrading macOS Agents with MDM tools[installing-and-


upgrading-macos-agents-with-mdm-tools.html]

To approve Network Extension:

1 If you see the System Extension Blocked message, click Open Security
Preferences.

Note: If you click OK, the window closes. To approve the SentinelOne
Network Extension later, open System Preferences > Security & privacy >
Security.

2 At System software from application "SentinelOne Extensions" was


blocked from loading, click Allow.

3 In the window that opens, click Allow.

 Upgrading macOS Agents with a Local Upgrade


[#UUID-410698ed-8ae1-adae-8aee-05d1567233a0_UUID-d6c89f0e-84cd-de53-7d1f-
45d7cf93d323_body]

 Troubleshooting
[#UUID-410698ed-8ae1-adae-8aee-05d1567233a0_UUID-07becf50-f82f-35b2-d592-
960e94d0b4a9_body]

Was this helpful?


Yes No

© 2023 SentinelOne Last modified: 5 October 2023

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy