Deployment of Endpoint Protection for Mac through Microsoft Intune hangs


Article ID: 184923


Updated On:


Endpoint Protection


Attempts to deploy Symantec Endpoint Protection (SEP) for Mac via Microsoft's MDM solution "Intune" hang at approximately 80% of the deployment process.


SEP 14.2 MP1+
SEP 15


Microsoft's Intune solution requires notarized pkg files.

See instructions here to create the SEPRemote.pkg file and use SEP for Mac version 14.2.5580 or newer: Exporting and deploying the Endpoint Protection Macintosh client with remote tools.

SEP installers include a Broadcom signature but they are not notarized because they usually contains elements that are unique to each customer's environment—SEP management server address(es), certificates, etc—and customer must obtain their own Apple Developer ID to sign and notarize pkg files. Consult Apple technical support for help with obtaining a developer identity and notarization: Notarizing macOS Software Before Distribution.