Searching...
Filters
SmallMediumLarge
Home Print Show Topic URL Previous Next
IT Management Suite
Client Management Suite
Server Management Suite
Deployment Solution
Asset Management Suite
ServiceDesk

Symantec Management Agent for Mac installation prerequisites

Client Management Suite for Mac

Mac software runs only on the hardware that is designed to support it. In this way, system requirements for managing Mac computers are simpler than Windows.

Your computer must meet the hardware prerequisites and software prerequisites before you can install the Symantec Management Agent.

See About installing the Symantec Management Agent for UNIX, Linux, or Mac

Table: Symantec Management Agent for Mac installation prerequisites

Prerequisite

Description

Operating system

Any of the following operating systems:

  • Mac OS X 10.6.x (Universal binary), 10.7.x (Universal binary), 10.8.x (Universal binary), 10.9 (Universal library)

  • Mac OS X Server 10.6.x (Universal binary), 10.7.x (Universal binary), 10.8.x (Universal binary)

Universal binary means that the operating system can run on either a PowerPC or an Intel computer.

Starting from Mac OS X 10.9, Mac OS X Server is replaced with an app available through Appstore.

Hard disk space

60-MB minimum for temporary installation files and 60 MB for resident installed files.

RAM

25-MB minimum.

Access rights

Symantec requires administrator account credentials to connect to the client Mac computer. After you connect to the Mac as a local administrator, you can either push or pull the agent. You push the agent automatically from Symantec Management Console or pull the agent manually, from the Mac Terminal.

In CMS 7.1 and earlier, explicit root privileges were required for installing the agent. If you have upgraded to CM 7.1 SP1 or later you gain root privileges in the background when you do a push installation using the administrator account credentials. If you do a pull installation, you connect to the Mac computer as an administrator and at the Mac Terminal run the sudo ./aex-bootstrap-macosx command. The sudo command gives you the administrator privileges on the Mac computer and you can install the Symantec Management Agent.

When you perform a remote installation of the agent from Symantec Management Console, you install the agent using a local administrator account. This account is required for all installation methods, including push and pull.

The concept of a root directory and root user may be new if you have worked only on the Windows platform. The root user is not synonymous with the Windows administrator account. Root is a particular user on UNIX-style operating systems. It is a powerful account, and you should understand it thoroughly before you enable, disable, or use it. You can find an introduction to the concept of the root user at the Apple support site in Enabling and using the "root" user in Mac OS X and in Overview of the Altiris Agent for UNIX, Linux and Macintosh Installation Process in the Symantec Knowledge Base.

Remote SSH connections enabled, if required

Only a push installation from Symantec Management Console requires that you enable remote login through Secure Shell (SSH) on the destination Mac client computer. You enable SSH in System Preferences in the Sharing window. To enable SSH, enable Remote Login.

Warning: If you plan to perform a push installation, you must also configure third-party firewalls to allow an SSH connection from Symantec Management Console to the Mac client. Use the credentials that are provided in the Installation Settings dialog box for the computer or computers that you select to receive the push installation from the console. The path in Symantec Management Console is Actions > Agents/Plug-ins > Push Symantec Management Agent > Install Symantec Management Agent for UNIX, Linux and Mac > Rollout Agent for UNIX, Linux, and Mac to Computers.

The Secure Shell (SSH) gives you access from Symantec Management Console (specifically, Notification Server) to remote Mac client computers. Without SSH enabled, you cannot install the agent. With SSH enabled, you can perform bulk installations of the agent from Notification Server to multiple Mac clients.

To allow an incoming SSH connection, ensure that an SSH server is running on the Mac client computer and that the firewall is configured.

See Installing Symantec Management Agent for Mac

See Allowing incoming connections through SSH

If you install through a manual process or a pull installation, you do not need to enable SSH. For a pull installation, you download aex-bootstrap-macosx. This self-extracting script triggers the agent installation. To use this script, you use the sudo prefix from the Mac Terminal. The Mac Terminal is synonymous with the Windows command line.

See Command-line options for managing Mac client computers

Outbound connection to Notification Server is enabled

You must configure the firewall to allow an outgoing connection to a Web port on Notification Server.

See Installing Symantec Management Agent for Mac

See Disabling or configuring a built-in Mac OS X firewall

Notification Server communicates through port 80 by default through an outbound connection. The agent communicates through Notification Server through port 80 (HTTP, for browsing) or port 443 (HTTPs, secure). The agent communicates with Notification Server over HTTP or HTTPs; therefore, you must configure the firewall to allow whichever type of connection you choose to allow.

Notification Server name resolution is set up

Set up Notification Server name resolution.

See Installing Symantec Management Agent for Mac

You can set up name resolution in one of the following ways:

Symantec does not recommend using the option to use only the Notification Server computer IP address. This option requires reconfiguration of the Notification Server computer codebase and snapshot settings.

For details, see HOWTO3674 in the Symantec Knowledge Base.

Push-installation requirements are met

If you plan to install the agent through a push, you must remove or disable the customized prompts and the login scripts that include interactive prompts.

Remember that you must also configure third-party firewalls to allow an SSH connection from Symantec Management Console to the Mac client. Use the credentials that are provided in the Installation Settings window when you perform a push from the console.

Customized prompts can cause a push installation to fail. Customized prompts are those that are multi-lined, contain colors, contain more than 200 characters, or have been customized in any other way.

Login scripts that users run cannot include interactive prompts, because the Symantec installation scripts cannot detect or respond to those interactive login scripts on Mac client computers.

You do not need to discover Mac computers on your network with Network Discovery before you push the agent to those computers.