deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md
Beth Levin 160e791473 updated titles and description
2019-11-05 15:49:44 -08:00

5.9 KiB
Raw Blame History

title, description, keywords, search.product, search.appverid, ms.prod, ms.mktglfcycl, ms.sitesec, ms.pagetype, ms.author, author, ms.localizationpriority, manager, audience, ms.collection, ms.topic
title description keywords search.product search.appverid ms.prod ms.mktglfcycl ms.sitesec ms.pagetype ms.author author ms.localizationpriority manager audience ms.collection ms.topic
Manual deployment for Microsoft Defender ATP for Mac Install Microsoft Defender ATP for Mac manually, from the command line. microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra eADQiWindows 10XVcnh met150 w10 deploy library security dansimp dansimp medium dansimp ITPro M365-security-compliance conceptual

Manual deployment for Microsoft Defender ATP for Mac

Applies to:

This topic describes how to deploy Microsoft Defender ATP for Mac manually. A successful deployment requires the completion of all of the following steps:

Prerequisites and system requirements

Before you get started, see the main Microsoft Defender ATP for Mac page for a description of prerequisites and system requirements for the current software version.

Download installation and onboarding packages

Download the installation and onboarding packages from Windows Defender Security Center:

  1. In Windows Defender Security Center, go to Settings > Machine Management > Onboarding.

  2. In Section 1 of the page, set operating system to Linux, macOS, iOS, and Android and Deployment method to Local script.

  3. In Section 2 of the page, select Download installation package. Save it as wdav.pkg to a local directory.

  4. In Section 2 of the page, select Download onboarding package. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory.

    Windows Defender Security Center screenshot

  5. From a command prompt, verify that you have the two files. Extract the contents of the .zip files:

    $ ls -l
total 721152
-rw-r--r--  1 test  staff       6185 Mar 15 10:45 WindowsDefenderATPOnboardingPackage.zip
-rw-r--r--  1 test  staff  354531845 Mar 13 08:57 wdav.pkg
$ unzip WindowsDefenderATPOnboardingPackage.zip
Archive:  WindowsDefenderATPOnboardingPackage.zip
inflating: WindowsDefenderATPOnboarding.py

Application installation

To complete this process, you must have admin privileges on the machine.

  1. Navigate to the downloaded wdav.pkg in Finder and open it.

    App install screenshot

  2. Select Continue, agree with the License terms, and enter the password when prompted.

    App install screenshot

    Important

    You will be prompted to allow a driver from Microsoft to be installed (either "System Extension Blocked" or "Installation is on hold" or both. The driver must be allowed to be installed.

    App install screenshot

  3. Select Open Security Preferences or Open System Preferences > Security & Privacy. Select Allow:

    Security and privacy window screenshot

The installation proceeds.

Caution

If you don't select Allow, the installation will proceed after 5 minutes. Defender ATP will be loaded, but some features, such as real-time protection, will be disabled. See Troubleshoot kernel extension issues for information on how to resolve this.

Note

macOS may request to reboot the machine upon the first installation of Microsoft Defender. Real-time protection will not be available until the machine is rebooted.

Client configuration

  1. Copy wdav.pkg and WindowsDefenderATPOnboarding.py to the machine where you deploy Microsoft Defender ATP for Mac.

    The client machine is not associated with orgId. Note that the orgId attribute is blank.

    $ mdatp --health orgId

  2. Run the Python script to install the configuration file:

    $ /usr/bin/python WindowsDefenderATPOnboarding.py
Generating /Library/Application Support/Microsoft/Defender/com.microsoft.wdav.atp.plist ... (You may be required to enter sudos password)

  3. Verify that the machine is now associated with your organization and reports a valid orgId:

    $ mdatp --health orgId
E6875323-A6C0-4C60-87AD-114BBE7439B8

After installation, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner.

Microsoft Defender icon in status bar screenshot

How to Allow Full Disk Access

Caution

macOS 10.15 (Catalina) contains new security and privacy enhancements. Beginning with this version, by default, applications are not able to access certain locations on disk (such as Documents, Downloads, Desktop, etc.) without explicit consent. In the absence of this consent, Microsoft Defender ATP is not able to fully protect your device.

To grant consent, open System Preferences -> Security & Privacy -> Privacy -> Full Disk Access. Click the lock icon to make changes (bottom of the dialog box). Select Microsoft Defender ATP.

Logging installation issues

See Logging installation issues for more information on how to find the automatically generated log that is created by the installer when an error occurs.

Uninstallation

See Uninstalling for details on how to remove Microsoft Defender ATP for Mac from client devices.