Home » Help » Managing Mac Computers

Application Control Plus can be used to manage computers with a Mac Operating System. Application Control Plus offers a separate agent for managing Mac computers. This document will guide you through the process of getting started with managing Mac computers.

Supported macOS

Application Control Plus currently supports the following Mac versions:

  • 11 Big-Sur
  • 12 Monterey
  • 13 Ventura
  • 14 Sonoma
 

Note: Apple Silicon processors can run apps that are compiled for the Intel chipset through a software technology known as Rosetta 2. This translation layer is automatically enabled from macOS Big Sur & above, providing users access to all features in Application Control Plus Agent. In short, Application Control Plus efficiently supports these new laptops.

Installing Mac Agents

Mac agents can be installed manually on the computers that need to be managed by Application Control Plus. To install an agent manually, log in to the endpoint as an administrator from the Application Control Plus server web console and follow the steps mentioned below.

  1. Navigate to Agent, select Computers and click on Download Agent to start downloading the Mac agent.
  2. Choose the appropriate remote office and select the operating system as Mac.
  3. Navigate to the folder where the agent is downloaded. Extract the zip file and locate UEMS_MacAgent.pkg and serverinfo.plist files.
  4. Install the agent and provide admin credentials when prompted to complete installation.
  5. Navigate to the location where the agent is downloaded.

Installing Mac Agents Remotely

Install the agent in the remote computer

  1. Remote installation from local office

    2. To install an agent automatically from the console in a LAN setup, follow the steps given below:

    1. Navigate to Agent tab -> Settings -> Agent Settings -> Mac Agent Settings.
    2. Specify the credentials to automate agent installation.
    3. Click Save Changes.
    4. Navigate to Agent -> Computers -> Add Computers.

    This view will list down all the available computers from the selected domain. You can either add a computer from that view to your scope of management (SoM) or install an agent. The computers added to your scope of management (SoM) will be listed under computers view. You can select and click the Install Agent button to install an agent on the computer.

  2. Remote installation from remote office

    3. Installing Mac agents on remote office computers can be easily accomplished via SSH. Using a Mac computer, you can remotely connect to other computers and install the necessary agents. Follow the steps below to learn more about the installation process.

    1. Log in to the Mac endpoint as an administrator and download the Mac agent.
    2. Copy the downloaded Mac agent file to a preferred directory and then open the Terminal.
    3. Navigate to the directory where the agent is downloaded using the Terminal.
    4. Type scp UEMSMacAgent.zip adminusername@hostname: to copy the agent to the target computer.
      • where adminusername - administrator user name of the remote computer
      • hostname - local host name of the remote computer
      • Agent is copied in the location ~ /Users/adminusername in target computer
    5. Install the agent on the remote computer.
    6. Login to the target computer using SSH type ssh adminusername@hostname.
    7. Navigate to the location where the agent is copied, and unzip the agent zip file by typing unzip -oq UEMSMacAgent.zip.
    8. Install the agent using the command sudo installer-pkg UEMS_MacAgent.-target/.
    9. Enter the administrator password when prompted to complete the agent installation.
    10. Once the agents are installed successfully, the Mac computers will be listed in the SoM page in the Browser Security Plus web console.

    Pre-requisites for managing Mac computers

    In order to manage Mac computers using Application Control Plus, it's essential to fulfill two prerequisites: allowing System Extension and Full Disk access. For detailed instructions on how to complete these prerequisites, please refer to this link for step-by-step guidance.

    Uninstall Mac agents

    You can uninstall agents in the following ways:

    Through the Remove Computers option

    • Navigate to Agents and select the Computers tab from the left tree.
    • Select the computers to uninstall.
    • Select the Remove Computers option.
    • The agent, if reachable to the server, will uninstall itself automatically in the next 90-minute refresh cycle.

    Through the Uninstall Agent option (Only for LAN setup

    • Navigate to Agent tab -> Settings -> Agent Settings -> Mac Agent Settings.
    • Specify credentials to automate agent uninstallation. Click Save Changes.
    • Go to Agent -> Computers tab.
    • Select all the computers to uninstall.
    • Select the Uninstall Agent option.

    Uninstall agent manually

    • Log in to the computer as an administrator and open the terminal.
    • If Uninstall is not restricted in Agent Settings -> Agent Protection Settings, then use this command: /Library/ManageEngine/UEMS_Agent/Uninstaller.app/Contents/MacOS/Uninstaller -silent
    • If Uninstall is restricted in Agent Settings --> Agent Protection Settings, use this command and replace with the actual TOTP from Agent > Scope of Management > Computers > View TOTP: /Library/ManageEngine/UEMS_Agent/Uninstaller.app/Contents/MacOS/Uninstaller -silent -cli-totp=
    • In a few seconds, the agent will be uninstalled (removes all the files except logs).

    Using Finder

    • Open Finder.app.
    • Navigate to the directory /Library/ManageEngine/UEMS_Agent/
    • Right-click on Uninstaller.app -> click Open
    • Enter the Admin password when prompted.
    • In a few seconds, the agent will be uninstalled.
    • Note: All the agent files will be removed except the agent logs.