Mac Endpoint in "Bypass", even after all manual approval steps in documentation are followed
search cancel

Mac Endpoint in "Bypass", even after all manual approval steps in documentation are followed

book

Article ID: 372601

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense)

Issue/Introduction

After installing 3.8.0.58 sensor on a 14.5 macOS endpoint without MDM approvals, the sensor remains in Bypass or a FDA Error status, despite following all steps in Documentation here.

Environment

  • Carbon Black Cloud Sensor: 3.8.0.58
  • Apple MacOS: 14.5

Cause

com.vmware.carbonblack.cloud.se-agent.extension was not granted Full Disk Permission during sensor installation. 

Resolution

  1. Navigate to System Settings > Privacy & Security > Full Disk Access
  2. Toggle the com.vmware.carbonblack.cloud-se-agent.extension entry to enabled.
  3. Change will require credentials.
  4. In addition drag-and-drop the entire /Applications/VMware/Carbon Black Cloud/repmgr.bundle folder from the Finder window to the Full Disk Access pane. 

Additional Information

  • Moving the entire repmgr.bundle from to Full Disk Access will not display any indication that it was done but will still work.
  • It may still take a reboot or 15 minutes to an hour for FDA warnings or errors to go away once this has been completed.