You can use the Commands feature of the JumpCloud Admin Portal to download and install the SentinelOne Agent on macOS, Windows, and Linux devices. SentinelOne provides security software to protect endpoints from malware and exploits.
For macOS devices, you’ll also need to apply a policy in JumpCloud that provides Application Privacy Preferences controls for the SentinelOne Agent. After you apply the policy, SentinelOne for macOS will launch without user prompts for access to the device.
For macOS devices, you should create and apply the SentinelOne policy before you deploy the SentinelOne app.
Creating a macOS SentinelOne Policy
The SentinelOne PPPC policy should be applied to your devices. The policy installs the necessary permissions to run SentinelOne integration on your devices.
To create a SentinelOne policy on a macOS device:
- Log in to the JumpCloud Admin Portal.
- Go to DEVICE MANAGEMENT > Policy Management.
- Click ( + ), then select the Mac tab.
- Locate the SentinelOne Agent Permissions Policy, then click configure.
- (Optional) On the New Policy panel, enter a new, unique name for the policy or keep the default.
- (Optional) Select the Device Groups tab, then select one or more device groups where you'll apply this policy.
- (Optional) Select the Devices tab, then select one or more devices where you'll apply this policy.
- Click save, then click save again.
- Run the command you created in To install the SentinelOne Agent on a macOS Device below by selecting the checkbox next to the command on the Commands page and clicking run now.
If the command doesn’t run, verify that you have root permissions.
- After the command finishes, select the Results tab on the Commands page. An exit code of 0 indicates that the command ran successfully. If multiple commands are processed at runtime, only the last exit code is reported. For a list of all exit codes, see Understand Command Results.
- Verify that the SentinelOne policy was applied on the macOS device (from the Apple menu, go to System Settings > Privacy & Security > Profiles).
macOS 15 Sequoia will disable the option to toggle the SentinelOne extension under System Settings > General > Login Items & Extensions > Endpoint Security Extensions for end users.
Installing the SentinelOne Agent
macOS
To install the SentinelOne Agent on a macOS device:
- Log in to the JumpCloud Admin Portal.
- Go to DEVICE MANAGEMENT > Commands.
- Click ( + ), then choose Command from Template. See Get Started: Commands for more information.
- In the command template pane, select MacOS.
- Locate the command named Mac - Install Sentinel One Agent and select Configure.
- (Optional) You can edit the default name for this command.
- Edit the script to customize these two variables:
  - Update the SentinelToken variable. For more information, see the SentinelOne documentation (you will need a SentinelOne account to access).
  - Update the DownloadUrl to point to the location of your SentinelOne package file. This file should be available to devices over the internet. The script will download this file during execution.
This script works for many situations; you might need to alter some variables for your organization. For more information, see the SentinelOne documentation (you will need a SentinelOne account to access).
- If you want to schedule when the command runs or trigger the command, click Event and choose one of the options. The default is Run Manually.
- Under Options, you can increase the timeout value. The JumpCloud Commands default is 120 seconds.
The command returns a failure if the download and installation do not complete before the timeout passes. Ensure that your timeout value accounts for the speed of your network connection.
- Under TTL Settings, verify that Use Smart Defaults is selected.
- Assign the SentinelOne agent to your devices:
  - If you are assigning the SentinelOne Agent to individual devices, select the Devices tab and select the checkmark next to each device where you want to install the agent.
  - If you are assigning the SentinelOne Agent to groups of devices, select the Device Groups tab and select the checkmark next to each device group where you want to install the agent.
- Click save, then click save again.
- Run the command by selecting the checkbox next to the command on the Commands page and clicking run now.
If the command doesn’t run, verify that you have root permissions.
- After the command finishes, select the Results tab on the Commands page. An exit code of 0 indicates that the command ran successfully. If multiple commands are processed at runtime, only the last exit code is reported. For a list of all exit codes, see Understand Command Results.
For troubleshooting information, see the SentinelOne Troubleshooting page (you will need a SentinelOne Account to access).
Windows
To install the SentinelOne Agent on a Windows device:
- Log in to your Admin Portal.
- Go to DEVICE MANAGEMENT > Commands.
- Click ( + ), then choose Command from Template. See Get Started: Commands for more information.
- Within the command template pane, select Windows.
- Locate the command named Windows - Install Sentinel One Agent and select Configure.
- (Optional) You can edit the default name for this command or type a new name.
- Edit the PowerShell script to customize these two variables:
  - $siteToken - Update the Site Token variable. For more information, see the SentinelOne documentation (you will need a SentinelOne account to access).
  - $installerURL - Download a .exe installer from the SentinelOne website and update this field to the storage location of that .exe file.
This script works for many situations; you might need to alter some variables for your organization. For more information, see the SentinelOne documentation (you will need a SentinelOne account to access).
- Under Options, you can increase the timeout value. The JumpCloud Commands default is 120 seconds.
The command returns a failure if the download and installation do not complete before the timeout passes. Ensure that your timeout value accounts for the speed of your network connection.
- Click Launch Event, then choose Run Manually.
- Assign the SentinelOne Agent to your devices:
  - If you are assigning the SentinelOne Agent to individual devices, select the Devices tab and select the checkmark next to each device where you want to install the agent.
  - If you are assigning the SentinelOne Agent to groups of devices, select the Device Groups tab and select the checkmark next to each device group where you want to install the agent.
- Click save, then click save again.
- Run the command by selecting the checkbox next to the command on the Commands page and clicking run now.
If the command doesn’t run, verify that you have root permissions.
- After the command finishes, select the Results tab on the Commands page. An exit code of 0 indicates that the command ran successfully. If multiple commands are processed at runtime, only the last exit code is reported. For a list of exit codes, see Understand Command Results.
- Click view to see more information about the results.
Linux
To install the SentinelOne Agent on a Linux device:
- Log in to your Admin Portal.
- Go to DEVICE MANAGEMENT > Commands.
- Click ( + ), then choose Command from Template. See Get Started: Commands for more information.
- Within the command template pane, select Linux.
- Locate the command named Linux - Install Sentinel One Agent and select Configure.
- (Optional) You can edit the default name for this command or type a new name.
- Edit the script to customize these two variables:
  - $sentinelToken - Update the sentinelToken variable. For more information, see the SentinelOne documentation (you will need a SentinelOne account to access).
  - $installerURL - Download a .deb installer from the SentinelOne website and update this field to the storage location of that .deb file.
This script works for Debian-based Linux distributions in many situations; you might need to alter some variables for your organization. For more information, see the SentinelOne documentation (you will need a SentinelOne account to access).
- Under Options, you can increase the timeout value. The JumpCloud Commands default is 120 seconds.
The command returns a failure if the download and installation do not complete before the timeout passes. Ensure that your timeout value accounts for the speed of your network connection.
- Click Launch Event, then choose Run Manually.
- Assign the SentinelOne Agent to your devices:
  - If you are assigning the SentinelOne Agent to individual devices, select the Devices tab and select the checkmark next to each device where you want to install the agent.
  - If you are assigning the SentinelOne Agent to groups of devices, select the Device Groups tab and select the checkmark next to each device group where you want to install the agent.
- Click save, then click save again.
- Run the command by selecting the checkbox next to the command on the Commands page and clicking run now.
If the command doesn’t run, verify that you have root permissions.
- After the command finishes, select the Results tab on the Commands page. An exit code of 0 indicates that the command ran successfully. If multiple commands are processed at runtime, only the last exit code is reported. For a list of exit codes, see Understand Command Results.
- Click view to see more information about the results.
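The install scripts run as root and fetch the package from whatever location installerURL (DownloadUrl on macOS) names, so it is worth pinning the package hash before it is installed. The following is an added example, not the JumpCloud template or SentinelOne code; expectedSha256 and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not the JumpCloud template: download the package named by
# installerURL and refuse to hand it to the installer unless it arrived over
# HTTPS and matches a SHA-256 value pinned in the command body.

sha256_of() {                       # print the hex SHA-256 of a file
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'     # macOS fallback
    fi
}

verify_pkg() {                      # verify_pkg FILE EXPECTED_SHA256
    [ -s "$1" ] || { echo "empty or missing file: $1" >&2; return 2; }
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case pins
    actual=$(sha256_of "$1")
    [ "$actual" = "$expected" ] && return 0
    echo "hash mismatch for $1: got $actual" >&2
    return 1
}

fetch_verified() {                  # fetch_verified URL EXPECTED_SHA256 DEST
    case "$1" in
        https://*) ;;
        *) echo "refusing non-HTTPS URL: $1" >&2; return 3 ;;
    esac
    curl --fail --silent --show-error --location \
         --proto '=https' --proto-redir '=https' -o "$3" "$1" || return 4
    verify_pkg "$3" "$2" || { rm -f "$3"; return 1; }
}

# In the command body (expectedSha256 is a hypothetical variable added next
# to installerURL; dpkg -i is the standard Debian package install):
#   pkg=$(mktemp) && fetch_verified "$installerURL" "$expectedSha256" "$pkg" \
#       && dpkg -i "$pkg"

# Offline demonstration on a constructed file standing in for the package.
demo=$(mktemp)
printf 'constructed package bytes\n' > "$demo"
pinned=$(sha256_of "$demo")
verify_pkg "$demo" "$pinned" && echo "hash matches, safe to install"
printf 'tampered\n' >> "$demo"
verify_pkg "$demo" "$pinned" 2>/dev/null || echo "tampered file rejected"
rm -f "$demo"
```

Because a failed check returns a non-zero status as the last command, the JumpCloud Results tab reports the run as failed instead of installing an unverified package.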
Troubleshooting a SentinelOne Installation
You can use a JumpCloud command to quickly check the status of a SentinelOne agent installation.
- Go to DEVICE MANAGEMENT > Commands, then click (+).
- In the New Command window, enter a name for this command and choose root for Run As.
- Select the OS where you are installing the CrowdStrike agent.
- Type /usr/local/bin/sentinelctl status in the Command area, then click save.
- On the Commands page, select the checkbox for the new command you created and click Run Now.
- Select the Results tab and verify that the Protection value is enabled. Check this section, which is in the larger body of data that is returned from the command:
Agent
Version: 22.2.3.6268
ID: 67A9E320-CB11-521F-88CD-xxxxxxxxxx
Install Date: 9/14/22, 11:06:41 AM
Missing Authorizations:
ES Framework: started
FW Extension: running
Ready: yes
Protection: enabled
Infected: no
Network Quarantine: no
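Reading the Protection value by eye does not scale past a few devices. The following added example (not JumpCloud or SentinelOne code) turns the status output into an exit code, so the Results tab shows a failure when protection is off. Checking Ready and Infected as well as Protection, with expected values copied from the sample above, is an assumption of this example.

```shell
#!/bin/sh
# Added example: reduce `sentinelctl status` output to a pass/fail exit code.
# Expected values come from the sample output on this page; checking Ready
# and Infected in addition to Protection is an assumption of this example.
check_status() {
    awk '
        BEGIN {
            want["Protection"] = "enabled"
            want["Ready"]      = "yes"
            want["Infected"]   = "no"
        }
        {
            sub(/\r$/, "")                 # tolerate CRLF in captured output
            i = index($0, ":")             # split on the first colon only
            if (i == 0) next
            key = substr($0, 1, i - 1); val = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key in want) {
                seen[key] = 1
                if (val != want[key]) {
                    printf "FAIL %s: %s (expected %s)\n", key, val, want[key]
                    bad = 1
                }
            }
        }
        END {
            # A field that never appeared is treated as a failure too.
            for (k in want) if (!(k in seen)) { printf "FAIL %s: missing\n", k; bad = 1 }
            exit bad + 0
        }
    '
}

# On a device, the command body would be (path as given on this page):
#   /usr/local/bin/sentinelctl status | check_status
# Constructed sample, abbreviated from the output shown above:
SAMPLE_OK='Agent
   Version: 22.2.3.6268
   Install Date: 9/14/22, 11:06:41 AM
   Ready: yes
   Protection: enabled
   Infected: no'
printf '%s\n' "$SAMPLE_OK" | check_status && echo "agent healthy"
```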