Mac Endpoint in "Bypass", even after all manual approval steps in documentation are followed
book
Article ID: 372601
calendar_today
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Issue/Introduction
After installing 3.8.0.58 sensor on a 14.5 macOS endpoint without MDM approvals, the sensor remains in Bypass or a FDA Error status, despite following all steps in Documentation here.
Environment
Carbon Black Cloud Sensor: 3.8.0.58
Apple MacOS: 14.5
Cause
com.vmware.carbonblack.cloud.se-agent.extension was not granted Full Disk Permission during sensor installation.
Resolution
Navigate to System Settings > Privacy & Security > Full Disk Access
Toggle the com.vmware.carbonblack.cloud-se-agent.extension entry to enabled.
Change will require credentials.
In addition drag-and-drop the entire /Applications/VMware/Carbon Black Cloud/repmgr.bundle folder from the Finder window to the Full Disk Access pane.
Additional Information
Moving the entire repmgr.bundle from to Full Disk Access will not display any indication that it was done but will still work.
It may still take a reboot or 15 minutes to an hour for FDA warnings or errors to go away once this has been completed.