Prerequisites:

• Microsoft Intune environment

• ESET Protect or ESET Protect Cloud

Configuration:

1. Create a configuration file for GPO or SCCM Deployment

   
   
   Select the appropriate certificate and enter the password if needed. Optionally configure other settings in the advanced section, save the install_config.ini  file. 

    

2. Create postflight.plist file using the data from the install_config.ini from the previous step and the following template:

   <?xml version="1.0" encoding="UTF-8"?>
   <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
   <plist version="1.0">
   <dict>
       <key>Hostname</key><string>insert_value_from_install_config.ini_here</string>
       <key>SendTelemetry</key><string>0</string>
       <key>PeerCertPassword</key><string>insert_value_from_install_config.ini_here</string>
       <key>PeerCertPasswordIsBase64</key><string>yes</string>
       <key>Port</key><string>insert_value_from_install_config.ini_here</string>
       <key>PeerCertContent</key><string>insert_value_from_install_config.ini_here</string>
       <key>CertAuthContent</key><string>insert_value_from_install_config.ini_here</string>
       <key>InitialStaticGroup</key><string>insert_value_from_install_config.ini_here</string>
       <key>UseProxy</key><string>insert_value_from_install_config.ini_here</string>
       <key>ProxyHostname</key><string>insert_value_from_install_config.ini_here</string>
       <key>ProxyPort</key><string>insert_value_from_install_config.ini_here</string>
       <key>ProxyUsername</key><string>insert_value_from_install_config.ini_here</string>
       <key>ProxyPassword</key><string>insert_value_from_install_config.ini_here</string>
   </dict>
   </plist>

   Note: Remove the keys that have no value, most commonly this will be the following:
   PeerCertPassword (in this case, also remove PeerCertPasswordIsBase64)
   InitialStaticGroup
   UseProxy (Remove all other proxy related keys as well)

3. Upload this file to a webserver that is reachable for the clients you wish to deploy the EM Agent to.

4. Download the EM Agent for MacOS from our download page: https://download.eset.com/com/eset/apps/business/era/agent/latest/agent-macosx-x86_64_arm64.dmg and extract the .PKG file from the dmg

5. Create a new app within Intune:
   (Apps > macOS > macOS Apps > Add > macOS app (PKG)

   

    

6. Select the previously extracted PKG file:

   

    

7. Optionally add additional information, categories etc:
   

   

    

8. In the “Program” tab add the following pre-install script:
   (don’t forget changing the download url)

   #!/bin/sh -e
   curl --fail --connect-timeout 300 -o /tmp/postflight.plist https://example.com/postflight.plist

   Note: Unfortunately the contents of the postflight.plist file are bigger than the character limit of the pre-install script field, this is why we resort to downloading the file from a webserver rather than adding the contents directly into the pre-install script.

   

    

9. In the “Requirements” tab select macOS High Siarra 10.13 orr later if you prefer.

   

    

10. In the “Detection rules” tab, remove the highlighted entries, leaving only the “com.eset.remoteadministrator.agent” entry.

    
    after:
    

     

11. In the “Assignments” tab Set up the desired assignments: (e.g. required for all devices)

    

     

12. Review the settings and finish by clicking “Create”