Summary
This article describes how to deploy the Automox agent to Intune-enrolled macOS devices.
Due to technical limitations, installing the Automox Agent via the Intune Line of Business is not available.
The best option for installing and configuring the Automox Agent on macOS via Intune is through the Scripts feature: Microsoft - Use shell scripts on macOS devices in Intune
Process
- In Intune Admin Center, select Devices > By platform > macOS > Manage devices > Scripts > Add.
- In Basics, enter the following properties, and select Next:
- Name: Enter a name for the shell script.
- Description: Enter a description for the shell script (optional).
- In Script settings, enter the following properties, and select Next:
- Upload script: Browse to the .sh file created in the section below.
- Run script as signed-in user: Choose No (default) to run the script as the root user.
- Hide script notifications on devices: By default, script notifications are shown for each script that is run. End users see an "IT is configuring your computer" notification message from Intune on macOS devices.
- Script frequency: Your company's choice.
- Max number of times to retry if script fails: Your company's choice.
- In Scope tags, optionally add scope tags for the script, and select Next.
- Select Assignments > Select groups to include.
- In Review + add, a summary is shown of the settings you configured. Select Add to save the script. When you select Add, the script policy is deployed to the groups you chose.
Install Script
Save the following as a .sh file to be uploaded to the script:
- Modify the "
ACCESS_KEY" section to be the Access Key for your company's organization. - Modify the "
GROUP_NAME" section to be the name of the Automox Group you wish the agent to join.
#!/bin/bash -i
accessKey='ACCESS_KEY'
groupPath='Default Group/GROUP_NAME'
ax_agent='/usr/local/bin/amagent'
echo "Checking for existing Automox Agent..."
if [[ -f "${ax_agent}" ]]; then
echo "Automox Agent already present. Proceeding with reconfiguration..."
else
echo "Installing latest Automox Agent..."
curl -sS "https://console.automox.com/downloadInstaller?accesskey=${accessKey}" | sudo bash
install_result=$?
if [[ $install_result -ne 0 ]]; then
echo "Automox Agent installation failed."
exit 1
else
echo "Automox Agent installed successfully."
fi
fi
# Set Group and Re-register Agent
echo "Setting Automox group to: $groupPath"
sudo ${ax_agent} --setgrp "${groupPath}"
echo "Deregistering any existing agent registration..."
sudo ${ax_agent} --deregister
echo "Restarting Automox Agent service..."
sudo launchctl unload /Library/LaunchDaemons/com.automox.agent.plist 2>/dev/null
sudo launchctl load /Library/LaunchDaemons/com.automox.agent.plist
# Enable Secure Token if on Apple Silicon
if [[ "$(arch)" == "arm64" ]]; then
echo "Apple Silicon detected. Attempting Secure Token operations..."
launchctl asuser "$(id -u "$3")" "${ax_agent}" --automox-service-account enable
launchctl asuser "$(id -u "$3")" "${ax_agent}" --automox-user-prompt enable
fi
echo "Automox Agent setup complete."
exit 0