Data Loss Prevention Core Package, Data Loss Prevention, Data Loss Prevention Endpoint Prevent
Issue/Introduction
A new install of the DLP agent on a Mac device running Monterey is not blocking files as expected.
The following is confirmed:
The Enforce Console lists the Connection Status of the workstation as 'Not Reporting'.
EDPA and SEHA have been granted Full Disk Access on the workstation.
Checking services on the workstation, CUI and EDPA are running but SEHA is not.
Attempting to manually start SEHA results in one of the two following errors:
Running SEHA from the Endpoint Agent folder: "You cannot open the application "SEHA" because the application is not supported on the Mac."
Starting SEHA from the command line: "The application cannot be opened for an unexpected reason, error=Error Domain=NSOSStatusErrorDomain Code=-10661 "(null)" UserInfo={_LSLine=3863, _LSFunction=_LSOpenStuffCallLocal}"
Environment
Data Loss Prevention 15.8 MP3
macOS 12.4 (Monterey)
Cause
The MDM profile deployed to the agent has missing components.
The agent was installed from a directory with restricted rights.
Resolution
Use the DLP_Endpoint_Agent_MDM_Profile.mobileconfig with the addin_truststore.cer to build/deploy the MDM profile.
Copy the agent installer to the /private/tmp folder on the workstation and run it from there to ensure the agent has proper permissions.