SEHA service on DLP Mac Agents will not start

Article ID: 245942

Products

Data Loss Prevention Core Package
Data Loss Prevention
Data Loss Prevention Endpoint Prevent

Issue/Introduction

A new install of the DLP agent on a Mac device running Monterey is not blocking files as expected.

The following is confirmed:

  1. The Enforce Console lists the Connection Status of the workstation as 'Not Reporting'.
  2. EDPA and SEHA have been granted Full Disk Access on the workstation.
  3. Checking services on the workstation, CUI and EDPA are running but SEHA is not.
  4. Attempting to manually start SEHA results in one of the two following errors:

    Running SEHA from the Endpoint Agent folder
    "You cannot open the application "SEHA" because the application is not supported on the Mac."



    Starting SEHA from command line
    "The application cannot be opened for an unexpected reason, error=Error Domain=NSOSStatusErrorDomain Code=-10661 "(null)" UserInfo={_LSLine=3863, _LSFunction=_LSOpenStuffCallLocal}"



Environment

Data Loss Prevention 15.8 MP3
macOS 12.4 (Monterey)

Cause

  1. The MDM profile deployed to the agent has missing components.
  2. The agent was installed from a directory with restricted rights.

Resolution

  1. Use the DLP_Endpoint_Agent_MDM_Profile.mobileconfig with the addin_truststore.cer to build/deploy the MDM profile.
  2. Copy the agent installer to the /private/tmp folder on the workstation and run it from there to ensure the agent has proper permissions.
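
As a pre-deployment check for the first cause, the added example below (not the vendor's code and not part of the original article) parses an unsigned .mobileconfig and reports whether it carries a certificate payload and a Full Disk Access grant. The payload types are Apple's standard identifiers; that these are the components the DLP profile needs is an assumption, and the sample profile and its identifiers are constructed.

```python
import plistlib

# Assumption: payload types a complete profile should carry. These are Apple's
# standard identifiers; which ones the vendor profile needs is not on the page.
TCC_TYPE = "com.apple.TCC.configuration-profile-policy"
CERT_TYPES = {"com.apple.security.root", "com.apple.security.pkcs1"}


def audit_profile(data: bytes) -> dict:
    """Summarise an unsigned .mobileconfig: certificate payloads and Full Disk Access grants."""
    profile = plistlib.loads(data)
    certs, fda = [], []
    for payload in profile.get("PayloadContent", []):
        ptype = payload.get("PayloadType")
        if ptype in CERT_TYPES:
            certs.append(payload.get("PayloadDisplayName", "<unnamed>"))
        elif ptype == TCC_TYPE:
            # SystemPolicyAllFiles is the PPPC service behind Full Disk Access.
            for rule in payload.get("Services", {}).get("SystemPolicyAllFiles", []):
                if rule.get("Allowed") is True or rule.get("Authorization") == "Allow":
                    fda.append(rule.get("Identifier"))
    missing = []
    if not certs:
        missing.append("certificate payload")
    if not fda:
        missing.append("Full Disk Access grant")
    return {"certificates": certs, "full_disk_access": fda, "missing": missing}


def build_sample(include_cert: bool) -> bytes:
    """Constructed sample profile; identifiers are placeholders, not the vendor's."""
    content = [{
        "PayloadType": TCC_TYPE,
        "Services": {"SystemPolicyAllFiles": [
            {"Identifier": "com.example.agent", "IdentifierType": "bundleID", "Allowed": True},
        ]},
    }]
    if include_cert:
        content.append({"PayloadType": "com.apple.security.root",
                        "PayloadDisplayName": "example truststore",
                        "PayloadContent": b"placeholder DER bytes"})
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadContent": content})


if __name__ == "__main__":
    for label, sample in (("complete", build_sample(True)), ("no cert", build_sample(False))):
        print(label, audit_profile(sample))
```

A signed profile is a CMS envelope rather than a bare plist, so it has to be unwrapped before this parser can read it.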



Additional Information

  1. Instructions on how to find the DLP_Endpoint_Agent_MDM_Profile.mobileconfig.
  2. Instructions on how to find and import the addin_truststore.cer into the MDM profile.
