Contents x
    MDM App Deployment
    • 30 Oct 2024
    • 2 Minutes to read
    • Contributors
      Contents

      MDM App Deployment

      • Updated on 30 Oct 2024
      • 2 Minutes to read
      • Contributors
        Article summary

        Welcome

        Welcome aboard the MDM App Deployment section at Harmony SASE's Help Center!
        This guide offers you a sneak peek into this category and the must-visit resources.

        The deployment process of Harmony SASE varies depending on your MDM (Mobile Device Management) provider and is done utilizing a public app deployment process.

        If you are managing the Harmony SASE client deployment using MDM you should disable the Update client functions in the Harmony SASE Web Console to prevent looping client installation issues.

        Must-Visit Resources

        Recommendations

        .msi installation flags for versions 11.0 and above: 

        Silent Installation:

        • msiexec /quiet /i Harmony_SASE_x.x.x.xxx.msi 

        Silent Installation and get the installation status back to the deployment service:

        • start /wait msiexec /quiet /i “Harmony_SASE_x.x.x.xxx.msi"
        • echo %errorlevel%


        Uninstallation:

        • msiexec /x “Harmony_SASE_x.x.x.xxx.msi"
        Pre-populate the workspace:

        • msiexec /i "Harmony_SASE_x.x.x.xxx.msi" /quiet WORKSPACE="workspace_name"

        Replace "workspace_name" with your actual workspace.

        Pre-populate the data residency region:

        • msiexec /i "Harmony_SASE_x.x.x.xxx.msi" /quiet REGION="EU or US"

        For REGION, add "EU" for Europe and "US" for America.

        Pre-populate both workspace and data residency region:

        • msiexec /i "Harmony_SASE_x.x.x.xxx.msi" /quiet WORKSPACE="workspace_name" REGION="EU or US" 

        Replace "workspace_name" with your actual workspace, and for REGION, add "EU" for Europe and "US" for America.

        .msi installation flags for legacy versions (up to 11.0): 

        Silent Installation:

        • msiexec /quiet /i Perimeter81_x.x.x.xxx.msi 

        Silent Installation and get the installation status back to the deployment service:

        • start /wait msiexec /quiet /i “Perimeter81_x.x.x.xxx.msi"
        • echo %errorlevel%

        Uninstallation:

        • msiexec /x "Perimeter81_x.x.x.xxx.msi"
        Pre-populate the workspace:

        • msiexec /i "Perimeter81_x.x.x.xxx.msi" /quiet WORKSPACE="workspace_name"

        Replace "workspace_name" with your actual workspace.

        Pre-populate the data residency region:

        • msiexec /i "Perimeter81_x.x.x.xxx.msi" /quiet REGION="EU or US"

        For REGION, add "EU" for Europe and "US" for America.

        Pre-populate both workspace and data residency region:

        • msiexec /i "Perimeter81_x.x.x.xxx.msi" /quiet WORKSPACE="workspace_name" REGION="EU or US" 

        Replace "workspace_name" with your actual workspace, and for REGION, add "EU" for Europe and "US" for America.

        .pkg installation flags:

        Silent Installation for version 11.0.10 and above:

        • $ sudo installer -pkg Harmony_SASE_x.x.x.xxx.pkg -target /

        Silent Installation for legacy versions (up to 11.0.10):

        • $ sudo installer -pkg Perimeter81_x.x.x.xxx.pkg -target /
        Please note that most MDM providers use a separate user to deploy MacOS packages. In order to change the client permissions please also run in the Post-install script:
        • $ sudo chown -R $(stat -f%Su /dev/console) "/Applications/Permeter 81.app"
        • $ chmod -R u=rwx "/Applications/Perimeter 81.app"  

        Pre-populate the workspace -Agent version 8.0.4.116 and higher

        • $ sudo defaults write com.perimeter81d workspace "workspace_name"

        Replace "workspace_name" with your actual workspace.

        Remove pre-populated workspace - Agent version 8.0.4.116 and higher

        • $ sudo defaults delete com.perimeter81d workspace

        Pre-populate the region:

        • $ sudo defaults write com.perimeter81d region "EU or US"

        For region, add "EU" for Europe and "US" for America. 

        Uninstall script download link: Uninstall Script for MacOS 

        Linux installation flags:

        Pre-populate the workspace

        • /opt/Perimeter81/perimeter81 ctl set-prepopulate-tenant-id workspace_name
        Replace "workspace_name" with your actual workspace

        Note:
        During installation (vanilla installation), if the region is not pre-populated, you can switch to the EU instance on the global sign in page when signing in to the Harmony SASE Agent, just as you switch workspaces. The selection is remembered for subsequent logins.

        Jumpstart Your Journey

        If you're just stepping into the world of Harmony SASE, our Getting Started Guide is the perfect starting point.

        Support at Your Fingertips

        Got questions or need help? Our support team is available round the clock. You can chat with us anytime on our website, or drop us an email at sase-support@checkpoint.com


        Was this article helpful?
        What's Next