Over the next few weeks. I am going to be writing a series of posts about Jumpcloud. Jumpcloud is a DaaS (Directory as a Service.) I have been working with JumpCloud for roughly the last year. During this time, I have migrated four different companies from various authentication platforms (Microsoft Active Directory, Qnap Authentication and local authentication) to the DaaS across a multitude of different operating systems.
Over the next few posts, I am going to share some commands or scripts that I have personally written for my environment to help to do the simple things. Such as install applications, check the status of systems and more.
The first command I will be sharing is installing Sophos EndPoint Protection on macOS. Something to note about all of these commands is that they require some files to be publically accessible. They can be on AWS S3 or a cheap and cheerful Linode server; it makes no odds.
The full command to copy and paste into the command box.
mkdir /tmp/Sophos && cd /tmp/Sophos && curl -o /tmp/Sophos/SophosInstall.zip "http://somewebserver/SophosInstall.zip" && unzip SophosInstall.zip && rm SophosInstall.zip && sudo chmod a+x /tmp/Sophos/Sophos\ Installer.app/Contents/MacOS/Sophos\ Installer && sudo chmod a+x /tmp/Sophos/Sophos\ Installer.app/Contents/MacOS/tools/com.sophos.bootstrap.helper && sudo /tmp/Sophos/Sophos\ Installer.app/Contents/MacOS/Sophos\ Installer --install && rm -rf /tmp/Sophos
Let me break this down.
The first part creates a directory in the /tmp/folder called Sophos.
mkdir /tmp/Sophos && cd /tmp/Sophos &&
The next part downloads to /tmp/Sophos the zip file from your repo or hosting location and unzip into the folder, it then removes the original zip.
curl -o /tmp/Sophos/SophosInstall.zip "http://somewebserver/SophosInstall.zip" && unzip SophosInstall.zip && rm SophosInstall.zip &&
The third part modifies the permissions on the installer and associated files to allow it to run
sudo chmod a+x /tmp/Sophos/Sophos\ Installer.app/Contents/MacOS/Sophos\ Installer && sudo chmod a+x /tmp/Sophos/Sophos\ Installer.app/Contents/MacOS/tools/com.sophos.bootstrap.helper &&
The final section tells the Sophos installer to execute silently and then remove the /tmp/Sophos folder to tidy up after.
sudo /tmp/Sophos/Sophos\ Installer.app/Contents/MacOS/Sophos\ Installer --install && rm -rf /tmp/Sophos
If you have any other applications you would like to see commands created, please let me know in the comments, and I will see what I can do.
Hello,
Have you by chance done this with Windows 10 yet by chance?
Hi Christian,
Thanks for coming by. Leave it with me. I Will get it done shortly.
Hi Christian,
I have written a quick script that in testing, seems to work.
Copy the below into a command window and edit it to point to the correct URL for your Sophos central windows setup.
$url = 'https://URLTO/SophosSetup.exe'$output = "C:\Temp\Sophos.exe"
Invoke-WebRequest -Uri $url -OutFile $output
C:\Temp\Sophos.exe --quiet
If you wouldn’t mind testing it on a non-essential Windows 10 machine (I tested it on a Windows 10 VM on my mac and it worked perfectly) after a couple of minutes I saw the VM show up in the Sophos Central Console.
Normal disclaimer applies – I take no responsibility to anything it does or doesn’t do etc
Do end-users have to manually allow Sophos to load due to Sophos? Is there any way to get around “system software from developer ‘Sophos’ was blocked from loading” through jumpcloud?
Hi Dev,
Unfortunately that is still the case.
I think that is a macOS security requirement rather then a Sophos requirement.
Although if Sophos is installed on an older version macOS, and you want to update Sophos to the latest version for any reason it doesnt need re-approving.
I am still trying to find a way around it, but havent had much luck yet.
Thanks
Hi Richard,
This has helped me put Sophos into our new starters machines faster and much more smoothly.
Thank you for your amazing work.
Renato
Thanks Renato – Glad to have helped!