Jamf is macOS software to build packages, manage inventory and images, and run remote updates. You can use Jamf, or other MDM software, to install the SentinelOne macOS Agent.
Important
macOS Ventura and later require a new profile - Service Management. This profile will prevent users from disabling the SentinelOne daemons.
From Agent version 22.2 the Network Extension is loaded by default in environments where SentinelOne Firewall is enabled. From Agent version 23.2.2 the Network Extension is loaded by default in all environments, regardless of the SentinelOne Firewall settings. If the Network Extension and Content Filter are not pre-authorized before upgrading to this Agent version, a notification will instruct users to authorize them. To prevent user-facing notifications, pre-authorize the Network Extension and Content Filter:
Create and deploy the Network Monitoring Extension Profile to pre-authorize the installation of the Network Extension.
Create and deploy a Network Filter Validation Profile.
To install and upgrade the macOS kextless Agent using Jamf:
Get the Site Token
Upload the SentinelOne Agent PKG to Jamf
Create a Privacy Control Configuration Profile
Create a Network Monitoring Extension Profile
Create a Network Filter Validation Profile
Create a Notification Profile
Create a Service Management Profile
Upgrade macOS kextless Agents with Jamf
Authorize Bluetooth Low Energy Permissions
Monitor Status with Jamf
Troubleshooting
Installing a Package with Jamf
In the Sentinels toolbar, click Packages.
Download the PKG of the macOS Agent version to install.
Launch Jamf and log in.
Click Settings > Computer Management > Packages.
Click +New.
Upload the SentinelOne Agent PKG file to Jamf.
Set the Category to Packages.
Click Save.
Click Settings > Computer Management > Scripts.
Enter these lines, with your values for the Site or Group Token and SentinelAgent_macos_version.pkg:
sudo echo "token" > /Library/Application\ Support/JAMF/Waiting\ Room/com.sentinelone.registration-token sudo /usr/sbin/installer -pkg /Library/Application\ Support/JAMF/Waiting\ Room/SentinelAgent_macos_version.pkg -target /
Example:
sudo echo "eyfdgfdgdfgfdgfdgcvbvcbfydfdsfdsfdsfdsfsdfhyJ9" > /Library/Application\ Support/JAMF/Waiting\ Room/com.sentinelone.registration-token sudo /usr/sbin/installer -pkg /Library/Application\ Support/JAMF/Waiting\ Room/SentinelAgent_macos_v21_12_2_6003.pkg -target /
Click Save.
In Computers > Policies.
Click Packages and change Action to Cache.
Click Scripts and change Priority to After.
Click Save.
The Agent installs the next time the selected endpoint connects with Jamf.
Creating a Privacy Control Configuration Profile
Use the Privacy Control Configuration profile to grant the Full Disk Access permissions.
To Upload a New Configuration Profile:
Click Computers > Configuration Profiles.
Click Upload.
Click Choose File.
Select the Privacy Control configuration profile mobileconfig file you downloaded, and click Upload.
Recommend: Open the profile in a text editor, and replace Your Company with your company's name.
Alternatively, copy this text, replace Your Company with your company's name, save it as a mobileconfig file, and upload it:
SentinelOne - Privacy Control Agent version 21.5 and lower.mobileconfig:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">;
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadDescription</key>
<string></string>
<key>PayloadDisplayName</key>
<string>Privacy Preferences Policy Control</string>
<key>PayloadIdentifier</key>
<string>236FFBB3-159D-4A5F-B146-AAA7BBA11FF0</string>
<key>PayloadOrganization</key>
<string>Your Company</string>
<key>PayloadType</key>
<string>com.apple.TCC.configuration-profile-policy</string>
<key>PayloadUUID</key>
<string>236FFBB3-159D-4A5F-B146-AAA7BBA11FF0</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>Services</key>
<dict>
<key>SystemPolicyAllFiles</key>
<array>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>anchor apple generic and identifier "com.sentinelone.sentineld" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
<key>Identifier</key>
<string>com.sentinelone.sentineld</string>
<key>IdentifierType</key>
<string>bundleID</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>anchor apple generic and identifier "com.sentinelone.sentineld-helper" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
<key>Identifier</key>
<string>com.sentinelone.sentineld-helper</string>
<key>IdentifierType</key>
<string>bundleID</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>anchor apple generic and identifier "com.sentinelone.sentinel-shell" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
<key>Identifier</key>
<string>com.sentinelone.sentinel-shell</string>
<key>IdentifierType</key>
<string>bundleID</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
</array>
</dict>
</dict>
</array>
<key>PayloadDescription</key>
<string>Provides access to all disk to Sentinel One processes</string>
<key>PayloadDisplayName</key>
<string>SentinelOne - Privacy Control</string>
<key>PayloadIdentifier</key>
<string>0F7D9FAD-1257-402C-A942-354723513881</string>
<key>PayloadOrganization</key>
<string>Sentinel Labs, Inc.</string>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>5961E10D-A589-4A7E-9790-8F1C55511014</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>SentinelOne - Privacy Control Agent version 21.7 and later.mobileconfig:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">;
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadDescription</key>
<string></string>
<key>PayloadDisplayName</key>
<string>Privacy Preferences Policy Control</string>
<key>PayloadIdentifier</key>
<string>236FFBB3-159D-4A5F-B146-AAA7BBA11FF0</string>
<key>PayloadOrganization</key>
<string>Your Company</string>
<key>PayloadType</key>
<string>com.apple.TCC.configuration-profile-policy</string>
<key>PayloadUUID</key>
<string>236FFBB3-159D-4A5F-B146-AAA7BBA11FF0</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>Services</key>
<dict>
<key>SystemPolicyAllFiles</key>
<array>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>anchor apple generic and identifier "com.sentinelone.sentineld" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
<key>Identifier</key>
<string>com.sentinelone.sentineld</string>
<key>IdentifierType</key>
<string>bundleID</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>anchor apple generic and identifier "com.sentinelone.sentineld-helper" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
<key>Identifier</key>
<string>com.sentinelone.sentineld-helper</string>
<key>IdentifierType</key>
<string>bundleID</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
<dict>
<key>Allowed</key>
<integer>1</integer>
<key>CodeRequirement</key>
<string>anchor apple generic and identifier "com.sentinelone.sentineld-shell" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
<key>Identifier</key>
<string>com.sentinelone.sentineld-shell</string>
<key>IdentifierType</key>
<string>bundleID</string>
<key>StaticCode</key>
<integer>0</integer>
</dict>
</array>
</dict>
</dict>
</array>
<key>PayloadDescription</key>
<string>Provides access to all disk to Sentinel One processes</string>
<key>PayloadDisplayName</key>
<string>SentinelOne - Privacy Control</string>
<key>PayloadIdentifier</key>
<string>0F7D9FAD-1257-402C-A942-354723513881</string>
<key>PayloadOrganization</key>
<string>Sentinel Labs, Inc.</string>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>5961E10D-A589-4A7E-9790-8F1C55511014</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
Click Scope.
Select Targets and set the devices to receive the configuration profile.
Click Save.
Creating a Network Monitoring Extension Profile
Use the Network Monitoring Extension profile to pre-authorize the installation of the Network Extension.
The instructions here show the steps in Jamf. Use a similar procedure in other MDM tools.
To Upload a New Configuration Profile:
Download the Network Monitoring Extension mobileconfig file.
Click Computers > Configuration Profiles.
Click Upload.
Click Choose File.
Select the Network Monitoring Extension mobileconfig file you downloaded, and click Upload.
Alternatively, copy this text, save it as a mobileconfig file, then upload it:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>AllowUserOverrides</key>
<true/>
<key>AllowedSystemExtensions</key>
<dict>
<key>4AYE5J54KN</key>
<array>
<string>com.sentinelone.network-monitoring</string>
</array>
</dict>
<key>PayloadDescription</key>
<string></string>
<key>PayloadDisplayName</key>
<string>System Extensions</string>
<key>PayloadIdentifier</key>
<string>1BDD5153-6C81-4E0F-B409-1C321FF5E251</string>
<key>PayloadOrganization</key>
<string>Gete.Net Consulting</string>
<key>PayloadType</key>
<string>com.apple.system-extension-policy</string>
<key>PayloadUUID</key>
<string>1BDD5153-6C81-4E0F-B409-1C321FF5E251</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</array>
<key>PayloadDescription</key>
<string>Enables automatic loading of SentinelOne System Extension.</string>
<key>PayloadDisplayName</key>
<string>SentinelOne - Network Monitoring Extension</string>
<key>PayloadIdentifier</key>
<string>C957C35F-004C-4CF4-B075-9CAE5739081B</string>
<key>PayloadOrganization</key>
<string>Sentinel Labs, Inc.</string>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>67BEF468-52BF-4DC9-96E2-2CCF1FEA127E</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>Optional: Create a Removable System Extension to pre-authorize the removal of the Network Monitoring Extension when the Agent is uninstalled.
Note
Supported on macOS Monterey and later.
By default, if you use the Removable System Extension mobileconfig file, end users cannot approve unspecified system extensions. End users may experience unwanted behavior if they cannot approve unspecified system extensions.
To let end users approve unspecified system extensions, click Edit and enable Allow users to approve system extensions after you upload the mobileconfig file.
To create a Removable System Extension, download the Removable System Extension mobileconfig file and redo steps 2 through 5 to upload it.
Alternatively, copy this text, save it as a mobileconfig file, then upload it:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1">
<dict>
<key>PayloadUUID</key>
<string>B8F1F9C1-AE66-4939-BEFD-8BB6F597E279</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadOrganization</key>
<string>Sentinel Labs, Inc.</string>
<key>PayloadIdentifier</key>
<string>B8F1F9C1-AE66-4939-BEFD-8BB6F597E279</string>
<key>PayloadDisplayName</key>
<string>SentinelOne Removable System Extension</string>
<key>PayloadDescription</key>
<string/>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadUUID</key>
<string>2B453873-A72A-4389-908A-9BF11B98790F</string>
<key>PayloadType</key>
<string>com.apple.system-extension-policy</string>
<key>PayloadOrganization</key>
<string>Sentinel Labs, Inc.</string>
<key>PayloadIdentifier</key>
<string>2B453873-A72A-4389-908A-9BF11B98790F</string>
<key>PayloadDisplayName</key>
<string>System Extensions</string>
<key>PayloadDescription</key>
<string/>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>AllowUserOverrides</key>
<false/>
<key>AllowedTeamIdentifiers</key>
<array>
<string>4AYE5J54KN</string>
</array>
<key>RemovableSystemExtensions</key>
<dict>
<key>4AYE5J54KN</key>
<array>
<string>com.sentinelone.network-monitoring</string>
</array>
</dict>
</dict>
</array>
</dict>
</plist>
Click Scope.
Select Targets and set the devices to receive the configuration profile.
Click Save.
Creating a Network Filter Validation Profile
Use the Network Filter Validation profile to pre-authorize the usage of the SentinelOne Network Filter by the Network Monitoring Extension.
The instructions here show the steps in JAMF. Use a similar procedure in other MDM tools.
To Upload a New Configuration Profile:
Click Computers > Configuration Profiles.
Click Upload.
Click Choose File.
Select the Network Filter Validation mobileconfig file you downloaded, and click Upload.
Alternatively, copy this text, save it as a mobileconfig file, and upload it:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>FilterDataProviderBundleIdentifier</key>
<string>com.sentinelone.network-monitoring</string>
<key>FilterDataProviderDesignatedRequirement</key>
<string>identifier "com.sentinelone.network-monitoring" and anchor apple generic and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "4AYE5J54KN")</string>
<key>FilterGrade</key>
<string>firewall</string>
<key>FilterPackets</key>
<false/>
<key>FilterSockets</key>
<true/>
<key>FilterType</key>
<string>Plugin</string>
<key>PayloadDisplayName</key>
<string>Web Content Filter Payload</string>
<key>PayloadIdentifier</key>
<string>14DDD990-E2D8-4DD1-8CC6-72FEFB5F252B</string>
<key>PayloadOrganization</key>
<string>JAMF Software</string>
<key>PayloadType</key>
<string>com.apple.webcontent-filter</string>
<key>PayloadUUID</key>
<string>14DDD990-E2D8-4DD1-8CC6-72FEFB5F252B</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PluginBundleID</key>
<string>com.sentinelone.extensions-wrapper</string>
<key>UserDefinedName</key>
<string>SentinelOne Extensions</string>
</dict>
</array>
<key>PayloadDescription</key>
<string>Authorizes SentinelOne Network Filter automatic validation.</string>
<key>PayloadDisplayName</key>
<string>SentinelOne - Network Filter Validation</string>
<key>PayloadIdentifier</key>
<string>7889BE15-9387-4CDD-B2D7-D57B65EDA1E5</string>
<key>PayloadOrganization</key>
<string>Sentinel Labs, Inc.</string>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>2C480E0F-AA21-420F-8BC8-0E1AC975BC51</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
Click Scope.
Select Targets and set the devices to receive the configuration profile.
Click Save.
Creating a Notification Profile
Use the Notification profile to approve all notifications from the SentinelOne Agent.
To create a New Configuration Profile:
Click Computers > Configuration Profiles.
Click + New.
In the sidebar on the left click Notifications
Create a new Notifications profile:
App Name: SentinelOne
Bundle ID:
com.sentinelOne.SentinelAgentCritical Alerts:
EnabledNotifications:
Banner alert type
Notifications on Lock screen: Display
Notifications in Notification Center: Display
Badge app icon: Display
Play sound for notifications: Enable
Click Save.
Click Scope.
Select Targets and set the devices to receive the configuration profile.
Click Save.
Creating a Service Management Profile
Agents: macOS 22.2.3 Kextless + | Ventura 13.0+
Use the Service Management Profile to approve the SentinelOne Agent in the Login Items on macOS Ventura. This profile will prevent users from disabling the SentinelOne daemons.
To Upload a New Configuration Profile:
Download the Service Management mobileconfig file.
Click Computers > Configuration Profiles.
Click Upload.
Click Choose File.
Select the Service Management configuration profile you downloaded, and click Upload.
Alternatively, copy this text, save it as a mobileconfig file, and upload it:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">;
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadType</key>
<string>com.apple.servicemanagement</string>
<key>PayloadIdentifier</key>
<string>com.apple.servicemanagement.E01FDD5D-6953-4F89-AE9C-98EC6AF31483</string>
<key>PayloadUUID</key>
<string>E01FDD5D-6953-4F89-AE9C-98EC6AF31483</string>
<key>Rules</key>
<array>
<dict>
<key>RuleType</key>
<string>LabelPrefix</string>
<key>RuleValue</key>
<string>com.sentinelone.</string>
<key>Comment</key>
<string>Prevent removal of SentinelOne Launch Agents and Launch Daemons</string>
</dict>
<dict>
<key>RuleType</key>
<string>BundleIdentifierPrefix</string>
<key>RuleValue</key>
<string>com.sentinelone.</string>
<key>Comment</key>
<string>Prevent removal of SentinelOne Launch Agents and Launch Daemons</string>
</dict>
</array>
</dict>
</array>
<key>PayloadDescription</key>
<string>Manage components that run at start up</string>
<key>PayloadDisplayName</key>
<string>Service Management</string>
<key>PayloadIdentifier</key>
<string>2B752EEE-3A7D-4995-94C2-41532A4479E4</string>
<key>PayloadOrganization</key>
<string>SentinelOne</string>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>8F211DB0-7065-4A0D-8738-7277C7CDD384</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>
Click Scope.
Select Targets and set the devices to receive the configuration profile.
Click Save.
Upgrading macOS kextless Agents with Jamf
Download the PKG of the new macOS Agent version.
Launch Jamf and log in.
Create a configuration profile with the same values as the installation profile.
Add the new Agent PKG file to Jamf.
Click Script and enter this line, with your values for the PKG_pathname:
sudo sentinelctl upgrade-pkg PKG_pathname
Click Save.
The Agent updates the next time the selected endpoints connect with Jamf.
Monitoring Status with Jamf
You can monitor macOS endpoints with Jamf. Configure a custom Extension Attribute on the install base. Then deploy the script (below) that returns the status of the Agent on each endpoint. To learn how to configure Extension Attributes in Jamf, see the Jamf documentation (Computer Extension Attributes).
#!/bin/sh
# This script will check the status of the SentinelOne Agent
if command -v sentinelctl 1>/dev/null; then
echo "<result> SentinelOne agent is installed with version `sentinelctl version | awk '{print $2}'` and was connected to management console `sentinelctl config Server Address | tail -1 | awk '{print $2}'` </result>"
else
s1_agent=$(ps aux | grep -Ei "sentineld$" | awk '{ print $11 };' | grep -v grep)
if [ -z $s1_agent ]; then
echo "<result>SentinelOne Agent is not Installed.</result>";
else
s1_agent=$(echo $s1_agent | sed 's|sentineld|sentinelctl|g')
echo "<result>SentinelOne Agent is running but could not locate SentinelCtl in the default PATH /usr/local/bin. The full path is - $s1_agent </result>" ;
fi
fi
Troubleshooting
If you see this error message An unexpected error occurred while moving files to the final destination:
It is possible that there is an Agent already installed on the endpoint.
It is possible that there is an issue with the required permissions, or that there is a security product that is blocking the SentinelOne Agent.
Upload Configuration Profile "File cannot be processed" - If an error occurs when you upload the SentinelOne Notification OS X Configuration Profile to Jamf, this error message will show. To resolve, copy the contents of the .mobileconfig file directly to Jamf.
Workaround:
Click Computers > Configuration Profiles.
Click + New .
In the General tab:
Name:
SentinelOne NotificationsDescription:
SentinelOne Notifications ProfileCategory:
None (default)Distribution Method:
Install Automatically (default)Level:
Computer Level (default)
In the sidebar on the left click Application & Custom Settings and select Upload.
Click + Add
Create a new notifications profile:
Preference Domain:
com.apple.notificationsettingsProperty List:
<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1"><dict><key>PayloadUUID</key><string>06E3D125-98B1-4B71-92FA-6AFF1914A958</string><key>PayloadType</key><string>Configuration</string><key>PayloadOrganization</key><string>Your Company</string><key>PayloadIdentifier</key><string>06E3D125-98B1-4B71-92FA-6AFF1914A958</string><key>PayloadDisplayName</key><string>SentinelOne - Accept all Notifications</string><key>PayloadDescription</key><string>Automatically authorizes Notifications for SentinelOne.</string><key>PayloadVersion</key><integer>1</integer><key>PayloadEnabled</key><true/><key>ConsentText</key><dict><key>default</key><string/></dict><key>PayloadRemovalDisallowed</key><false/><key>PayloadScope</key><string>System</string><key>PayloadContent</key><array><dict><key>PayloadUUID</key><string>6201B936-C953-4717-9929-4944F3EC4CA4</string><key>PayloadType</key><string>com.apple.notificationsettings</string><key>PayloadOrganization</key><string>Your Company</string><key>PayloadIdentifier</key><string>GNC-MacBook-Pro.03b46baa-3c3d-4c9b-913b-870fc79ebe21.com.apple.notificationsettings.6201B936-C953-4717-9929-4944F3EC4CA4</string><key>PayloadDisplayName</key><string>Notifications</string><key>PayloadDescription</key><string/><key>PayloadVersion</key><integer>1</integer><key>PayloadEnabled</key><true/><key>NotificationSettings</key><array><dict><key>ShowInNotificationCenter</key><true/><key>AlertType</key><integer>0</integer><key>NotificationsEnabled</key><true/><key>CriticalAlertEnabled</key><true/><key>GroupingType</key><integer>0</integer><key>ShowInLockScreen</key><true/><key>BadgesEnabled</key><true/><key>ShowInCarPlay</key><false/><key>SoundsEnabled</key><true/><key>BundleIdentifier</key><string>com.sentinelOne.SentinelAgent</string></dict></array></dict></array></dict></plist><?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">;
<plist version="1">
<dict>
<key>PayloadUUID</key>
<string>06E3D125-98B1-4B71-92FA-6AFF1914A958</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadOrganization</key>
<string>Your Company</string>
<key>PayloadIdentifier</key>
<string>06E3D125-98B1-4B71-92FA-6AFF1914A958</string>
<key>PayloadDisplayName</key>
<string>SentinelOne - Accept all Notifications</string>
<key>PayloadDescription</key>
<string>Automatically authorizes Notifications for SentinelOne.</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>ConsentText</key>
<dict>
<key>default</key>
<string/>
</dict>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadUUID</key>
<string>6201B936-C953-4717-9929-4944F3EC4CA4</string>
<key>PayloadType</key>
<string>com.apple.notificationsettings</string>
<key>PayloadOrganization</key>
<string>Your Company</string>
<key>PayloadIdentifier</key>
<string>GNC-MacBook-Pro.03b46baa-3c3d-4c9b-913b-870fc79ebe21.com.apple.notificationsettings.6201B936-C953-4717-9929-4944F3EC4CA4</string>
<key>PayloadDisplayName</key>
<string>Notifications</string>
<key>PayloadDescription</key>
<string/>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>NotificationSettings</key>
<array>
<dict>
<key>ShowInNotificationCenter</key>
<true/>
<key>AlertType</key>
<integer>0</integer>
<key>NotificationsEnabled</key>
<true/>
<key>CriticalAlertEnabled</key>
<true/>
<key>GroupingType</key>
<integer>0</integer>
<key>ShowInLockScreen</key>
<true/>
<key>BadgesEnabled</key>
<true/>
<key>ShowInCarPlay</key>
<false/>
<key>SoundsEnabled</key>
<true/>
<key>BundleIdentifier</key>
<string>com.sentinelOne.SentinelAgent</string>
</dict>
</array>
</dict>
</array>
</dict>
</plist>
Click Save.
Click Scope.
Select Targets and set the devices to receive the configuration profile.
Click Save.