Deployment of Endpoint Protection for Mac through Microsoft Intune hangs

book

Article ID: 184923

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Attempts to deploy Symantec Endpoint Protection (SEP) for Mac via Microsoft's MDM solution "Intune" hang at approximately 80% of the deployment process.

Environment

SEP 14.2 MP1+
SEP 15

Resolution

Microsoft's Intune solution requires notarized pkg files.

See instructions here to create the SEPRemote.pkg file and use SEP for Mac version 14.2.5580 or newer: Exporting and deploying the Endpoint Protection Macintosh client with remote tools.

SEP installers include a Broadcom signature but they are not notarized because they usually contains elements that are unique to each customer's environment—SEP management server address(es), certificates, etc—and customer must obtain their own Apple Developer ID to sign and notarize pkg files. Consult Apple technical support for help with obtaining a developer identity and notarization: Notarizing macOS Software Before Distribution.