Launching Network System Extension from automated installation

App & System Services Networking
asab345 OP
Created 3w
Replies 1
Boosts 0
Views 150
Participants 2

We have network system extension which is fundamental part of our application and needs to be installed before the application can run.

In many cases we need the installation to be automated, i.e. without logged-in user (with the help of MDM solution like JAMF).

Is there a way to activate the extension fully automated without logged-in users?

I tried to call 'open -W -a /Application/<path to the extension loader>' from the package's post install script. But seems launch fails if no user is logged in.

Replies  1
Boosts  0
Views  150
Participants  2
DTS Engineer OP
Apple
3w
Is there a way to activate the extension fully automated without logged-in users?

AFAIK, yes, assuming the Mac is managed.

There are two parts to this:

  • Activating the system extension

  • Configuring and enabling the NE configuration

The second part is standard MDM stuff: You push a configuration profile with the appropriate payload. For example, for a per-app VPN you’d push a com.apple.vpn.managed.applayer payload payload.

The first part is trickier, and not something I’m intimately familiar with. It’s more of an MDM question than an API question.

However, my understanding is that you must first push the app via the MDM system and then push the com.apple.system-extension-policy payload.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
Launching Network System Extension from automated installation
First post date Last post date
 
 
Q