Addigy provides many options for installing third-party software including Webroot security software. To install Webroot silently, you must already have valid Webroot license keys.
With the advent of macOS 10.13 High Sierra, Apple introduced User Approved Kernel Extension Loading (UAKEL). This means that kernel extensions (also called KEXTs or security extensions) must be approved before they can be installed. To learn more about UAKEL, see some of Apple's documentation: Technical Note TN2459: User-Approved Kernel Extension Loading.
Because Webroot requires KEXTs to be installed, you will need to configure an MDM Profile and MDM Configuration for Kernel Extension Whitelist to bypass the user dialog that is normally required to approve a KEXT. For instructions on enabling these features within Addigy, see our support article: Addigy Mobile Device Management (MDM) Integration and Approved MDM Profiles.
Webroot may also request Full Disk Access. For instructions on creating a PPPC MDM Configuration that grants Full Disk Access to an application, see our support article: Creating an MDM payload for Full Disk Access (FDA).
If valid Kernel Extension and Full Disk Access payloads have been deployed before installing the software, then users will not be prompted to approve these items manually and the installation will be silent.
To install Webroot, create new Smart Software within Addigy. For more information on how to set up a Smart Software, see our support article: Creating Smart Software.
Here is the necessary Installation script for your Smart Software:
#!/bin/sh #set -x export TERM=xterm #Set Keycode for Clients KEY=1111-1111-1111-1111 OS_Version_major=$(sw_vers -productVersion | cut -d '.' -f1) OS_Version_minor=$(sw_vers -productVersion | cut -d '.' -f2) if [ $OS_Version_major == 10 ] && [ $OS_Version_minor -ge 15 ] || [ $OS_Version_major -ge 11 ]; then cd /tmp; curl -O https://mac.webrootmultiplatform.com/production/wsa-mac/10.15/latest/WSAMACSME.dmg hdiutil attach -nobrowse /tmp/wsamacsme.dmg sudo rm -f /Library/PrivilegedHelperTools/com.webroot.InstallerHelperTool sudo "/Volumes/Webroot SecureAnywhere/Webroot SecureAnywhere.app/Contents/MacOS/Installer" -keycode=$KEY install -language=en -silent || True else cd /tmp; curl -O http://anywhere.webrootcloudav.com/zerol/wsamacsme.dmg hdiutil attach -nobrowse /tmp/wsamacsme.dmg sudo "/Volumes/Webroot SecureAnywhere/Webroot SecureAnywhere.app/Contents/MacOS/Webroot SecureAnywhere" install -keycode=$KEY -language=en -silent fi diskutil unmount /Volumes/Webroot\ SecureAnywhere rm -rf /tmp/wsamacsme.dmg if [ ! -e "/Applications/Webroot SecureAnywhere.app" ]; then echo "There was an issue with the installation" exit 1 fi
- Replace the 1111-1111-1111-1111 with your valid license key.
- Because the script handles downloading the latest version of Webroot, no files need to be uploaded to this Smart Software.
Adding a Condition Script
Additionally, a Condition script can be added so that this software is enforced on a recurring basis as part of an Addigy policy.
Here is a simple Condition script that checks for the Webroot application on the device:
if [ -d "/Applications/Webroot SecureAnywhere.app" ]; then echo "Webroot already installed. Skipping installation." exit 1 else echo "Webroot not found. Installing..." exit 0 fi
Note: this Condition script assumes that the Install on Success setting is toggled ON.
If you have any questions, please do not hesitate to reach out to us by contacting email@example.com