Manual Installation

This document explains the process of installing the Nightfall agent manually.

Prerequisites

  1. Ensure that you have root level access to the target macOS device.

  2. Ensure that you have received and unpacked the Nightfall payload containing .pkg package file and the pre installation script files. If not, contact your Nightfall CSM.

  3. Install the following profiles. You can find these files in the Profiles folder that was created after unpacking the .pkg package file.

    "ai.nightfall.endpoint.automation" "ai.nightfall.endpoint.notification" "ai.nightfall.endpoint.pppc"

  4. Run the MDM pre installation check script.

This checks if all the required profiles are installed. If the profiles are installed, you get a All required profiles are present message. However, if any of the profile(s) are missing, you get a Missing profile: $profile message.

After profiles, this checks for the version of the agent installed. If the latest version is already installed, it displays a NightfallAIAgent version already at: $agent_version message.

  1. Create a default policy for web browser uploads and cloud storage application sync.

Installing the Package

  1. Locate the mdm_pre_installation_script.sh in the payload provided by Nightfall.

  2. Open a Terminal window.

  3. Run the mdm_pre_installation_script.sh script on your local machine as a root user, by executing the following command. 

sudo ./mdm_pre_installation_script.sh

  1. Double click the nightfall-ai-agent_<version>.pkg.

Due to your system settings, you may receive an error as shown in the following image.

In such cases, first click OK.

Next, control click (right click) the nightfall-ai-agent_<version>.pkg file and select Open from the drop-down menu.

A pop up window appears as shown in the following image. Click Open.

  1. Click Continue.

  1. Click Install.

  1. Click Use Password to enter your device password and start the installation process.

Once the installation is completed, you get a completion message as shown in the following image.

  1. Click Close.

At the top right corner of your screen, you can view the Nightfall AI agent icon which looks as follows.

When you click this icon, you can view the details of the agent.

Grant Full Disk Access

To monitor your MAC device, you must grant access to the hard disk. This section explains the process of granting disk access.

  1. Navigate to System Settings > Privacy & Security > Full Disk Access.

  1. Click the + icon at the bottom of the list (you may be prompted to enter your macOS password)

  1. Select NightfallAIAgent (under Applications) and click Open.

  1. Click Quit & Reopen.

On the Full Disk Access page, ensure that the toggle switch is turned on for the NightfallAIAgent. This ensures that the full disk access is granted.

Grant Permission to Monitor Uploads

Apart from the disk access, you must also grant permission to the Nightfall AI agent to monitor browser uploads. This section explains the process.

To grant access to browser uploads:

  1. Open a browser instance and upload a test file.

  2. When prompted, grant the Nightfall AI agent permissions.

Uninstalling the Nightfall AI Agent

To uninstall the Nightfall AI agent, you must execute the following command on your MAC device, as a root user.

mdm_nightfall_ai_agent_uninstall.sh

Verify Profiles

When you install the Nightfall agent manually, you must check your system profiles to ensure that all the Nightfall agent profiles are successfully integrated.

To check the system profiles:

  1. Navigate to Privacy & Security > Profiles.

  1. Ensure that the following profiles are present.

  • Nightfall Notification Profile

  • Nightfall PPPC Profile

  • Nightfall System Event Access

PreviousInstalling Exfiltration for MACNextNightfall Agent Deployment with Kandji MDM

Last updated