MAC 14.2 Install script Automation Issue

How about we try the MDM profiles James ?

https://support.sophos.com/support/s/article/KB-000045806?language=en_US

If you haven't read the article , I suggest you take a look at it and follow the instructions under "MMD Correction" and then we push the script ? 

I strongly believe this would work. It all makes sense cuz the script is going to the endpoint through MDM and it fails where as if the script is run directly its working. In that case configuring MDM profiles may be a good choice for us.

Please do update me on how it goes. 

Really curious to find. Thanks again for you time James.

Followed your link above and we setup the two PPPC setups and restarted the MAC and tried the script again and its the same  result.

Hi James,

I'm sorry to hear that the previous steps didn't resolve the issue. Let's try a few more steps to see if we can get this sorted out.

First Approach:

1. Removing Sophos Files and Folders: Please follow the instructions below to remove Sophos files and folders, then reboot your Mac.

   Open Terminal and execute these commands:

   bashCopy code

   sudo rm -R /Library/Sophos\ Anti-Virus/ sudo rm -R /Library/Application\ Support/Sophos/ sudo rm -R /Library/Preferences/com.sophos.* sudo rm /Library/LaunchDaemons/com.sophos.* sudo rm /Library/LaunchAgents/com.sophos.* sudo rm -R /Library/Extensions/Sophos* sudo rm -R /Library/Caches/com.sophos.*

2. Add Full Disk Access via MDM: Once the Mac reboots, please ensure Full Disk Access is granted via MDM.

3. Push the Script: After the reboot and granting access, try pushing the script again.

If the Issue Persists:

1. Remove Sophos Files and Folders: Start by removing the Sophos files and folders as mentioned above and then reboot your Mac.

2. Remove the com.manageengine.protectord System Extension: This can be done through the Terminal or System Preferences. 

3. Add Full Disk Access via MDM: After removing the extension and rebooting, ensure Full Disk Access is granted via MDM.

4. Push the Script: Finally, attempt to push the script again.

I have spent a few days working on trying to disable or rename or remove protectord from the system and it is baked in as part of ManageEngine you are not able to remove it without removing ManageEngine all together which defeats the purpose of pushing the script out of ManageEngine.  We need it to work in there.  If that is the issue we need to find a work around.

Any ides on how else we can try to get this working for us?  Worried that the upcoming updated version in Feb will not fix our issue and we have a few macs this needs to get pushed to.

Hi James, 

Sorry about the delay. Unfortunately, I do not have a test setup to take this further. I'll try my best to find one and will update this thread soon.