Deploying Coro with JumpCloud
This guide describes how to deploy the Coro Agent to your macOS endpoint devices through JumpCloud.
Important
JumpCloud does not support dynamic links and requires a non-changing, static URL to deploy apps using their Software Management feature. This is a known limitation - to learn more, see: https://jumpcloud.com/support/software-management-macos.
For this reason, Coro recommends deploying the Agent in one of the following ways:
- Via shell script. For full details, see Using a shell script to deploy Coro to macOS devices .
-
As JumpCloud recommends, self-host the Agent installer package on a cloud storage service such as AWS, Backblaze, or Dropbox. Then, set the installer path to the relevant location in that service. For example:
https://host.com/path/CoroInstaller_123abc-456def-789abc.pkg. Through this method, you can utilize your new static URL to deploy the Agent using JumpCloud's Software Management feature. For information and queries regarding this method, contact JumpCloud support.
To deploy Coro via JumpCloud, perform the following steps:
- Sign in to the Coro console .
-
From the sidebar, select
to access the
Control Panel
.
-
Select
Devices
:
-
Select the
Agent Deployment
tab:
-
Select
Actions > Download
adjacent to the desired macOS Agent version:
The Agent installer is downloaded to your local workstation, ready to be uploaded to the relevant cloud storage location.
- Sign in to the JumpCloud Admin Portal , then go to Device Management > Policy Management .
- To add a new policy, select + .
-
Select
Mac
from the list of platforms at the top of the dialog, then locate the
Application Privacy Preferences
option and select
Configure
:
JumpCloud displays the New Policy dialog:
-
In the
Details
tab, locate the
Application Information
section and configure the following settings:
-
Code Requirement
:
anchor apple generic and identifier "net.coro.endsec.Coro" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = E3P52EVK39) -
Identifier
:
net.coro.endsec.Coro - Identifier Type : Select BundleID
-
Code Requirement
:
-
Locate the
Privacy Preferences
section further down and enable the following settings:
- Allow Access to All Files
- SysAdmin Files
- Select Save to add the new policy.
-
Repeat steps 4-8 to add a
second
policy based on the following settings:
-
Code Requirement
:
anchor apple generic and identifier "net.coro.endsec.CoroService" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = E3P52EVK39) -
Identifier
:
net.coro.endsec.CoroService - Identifier Type : Select BundleID
-
Code Requirement
:
-
For the second policy, locate the
System Extension
option and and select
Configure
:
-
Specify the following settings:
- Team ID : E3P52EVK39
-
Bundle ID
: Select
Add Bundle ID
and add the following IDs:
- net.coro.endsec.Coro
- net.coro.endsec.CoroService
- Security Extension : Enable
-
In the sidebar, select
Policy Groups
and either:
- Select the + to create a new policy group.
- Choose an existing policy group suitable to distribute the Coro Agent to your devices.
-
In your policy group, perform the following steps:
- Select Software Management .
- Select Apple , then select + to configure the upload settings.
- Name your installation, add your Coro Agent installer package cloud storage location URL, then validate the URL.
- Select Device Groups or Devices as applicable to configure your device distribution.
- Select Save to save your changes.
JumpCloud configuration is complete.
Coro is distributed and installed during your scheduled or configured cycles.