Install Mac forwarder with non-specific MDM

With the Stairwell Forwarder for macOS, organizations can automatically collect files from macOS devices (Intel and Apple Silicon are both supported) and have them processed by the Stairwell platform. Several pieces need to be in place before the Stairwell Forwarder can be deployed and fully function.

📘

This article is for installing the Stairwell Forwarder via a non-specific MDM. For a specific, step-by-step guide for your MDM, please check to see if there is an article available here.

Prerequisite(s)

  • Mobile device management (MDM) on a supervised macOS machine or with user-approved MDM enrollment on a macOS machine
  • An understanding of configuration profiles and creating them in your MDM
  • System Extensions payload
  • Privacy Preferences Policy Control payload
  • A Stairwell Preferences payload that will need:
    • Your Environment ID
    • An Authentication Token (also referred to as a Registration Token)


🚧

Warning!

The initial scan (which we refer to as the backscan) is a comprehensive physical disk scan that is very resource intensive for a short period of time. We do not recommend installing the forwarder on critical assets early in your deployment. Think of your first several deployments as "sacrificial": they will take the biggest hit because they will be uploading the greatest number of unique files. Each subsequent install will have fewer unique files to upload and therefore a shorter, less intensive backscan.

Configuration

For Configuration Profile Examples that have all of the following settings, see the Download Center.

  • Configure the System Extensions payload with the following required information:
    • Bundle Identifier: com.stairwell.Stairwell.ProcessMonitor
    • Team Identifier: 677UQVFGY8
  • Configure the Privacy Preferences Policy Control payload with the following required information:
    • Bundle Identifier: com.stairwell.Stairwell.ProcessMonitor
    • Code Requirement: anchor apple generic and identifier "com.stairwell.Stairwell.ProcessMonitor" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = "677UQVFGY8")
    • SystemPolicyAllFiles set to Enabled/Allow (your MDM may use a different term)
  • Configure the Preferences payload (sometimes referred to as a Managed Preferences payload, a Custom Settings payload, or other) with the following required keys:
    • Payload: com.stairwell.Stairwell.ProcessMonitor
    • Key: EnvId
    • Value: <your Environment ID>
    • Key: RegistrationToken
    • Value: <your Authentication Token>
  • To assist in troubleshooting in the event of an error, include these optional keys:
    • Key: Debug
    • Value: True
  • Once the required profile payloads are created, push the payloads out to your environment. This must be done before installation.

❗️

Aside from your unique Environment ID and Authentication Token, all required information should be written exactly as it appears in this article.
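
A pre-flight check for the three payloads above, as an added example that is not Stairwell's own tooling: it parses an exported .mobileconfig and reports every value that differs from this article. It assumes Apple's standard payload types `com.apple.system-extension-policy` and `com.apple.TCC.configuration-profile-policy`, and that your MDM exports the Preferences payload with the bundle identifier as its PayloadType and the keys at the top level; `check_profile` and `sample_profile` are names chosen here.

```python
import plistlib
BUNDLE_ID = "com.stairwell.Stairwell.ProcessMonitor"
TEAM_ID = "677UQVFGY8"
CODE_REQ = (  # exact string from the article, split only for line length
    'anchor apple generic and identifier "' + BUNDLE_ID + '" and '
    "(certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or "
    "certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and "
    "certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and "
    'certificate leaf[subject.OU] = "' + TEAM_ID + '")'
)

def check_profile(raw: bytes) -> list:
    """Return the problems found in a .mobileconfig; an empty list means it passes."""
    by_type = {p.get("PayloadType"): p for p in plistlib.loads(raw).get("PayloadContent", [])}
    problems = []
    # System Extensions payload maps a team ID to its allowed bundle IDs.
    sysext = by_type.get("com.apple.system-extension-policy", {})
    if BUNDLE_ID not in sysext.get("AllowedSystemExtensions", {}).get(TEAM_ID, []):
        problems.append("system extension not allowed for team " + TEAM_ID)
    # PPPC payload: full disk access (SystemPolicyAllFiles) for the bundle ID.
    pppc = by_type.get("com.apple.TCC.configuration-profile-policy", {})
    entries = pppc.get("Services", {}).get("SystemPolicyAllFiles", [])
    entry = next((e for e in entries if e.get("Identifier") == BUNDLE_ID), None)
    if entry is None:
        problems.append("no SystemPolicyAllFiles entry for " + BUNDLE_ID)
    else:
        if entry.get("Allowed") is not True and entry.get("Authorization") != "Allow":
            problems.append("SystemPolicyAllFiles is not set to allow")
        if " ".join(entry.get("CodeRequirement", "").split()) != CODE_REQ:
            problems.append("code requirement differs from the documented string")
    # Assumption: preferences are a payload whose PayloadType is the bundle ID.
    prefs = by_type.get(BUNDLE_ID, {})
    for key in ("EnvId", "RegistrationToken"):
        if not str(prefs.get(key, "")).strip():
            problems.append("preferences key missing or empty: " + key)
    return problems

def sample_profile(env_id: str, token: str) -> bytes:
    """Constructed profile for demonstration; the ID and token are placeholders."""
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadContent": [
        {"PayloadType": "com.apple.system-extension-policy",
         "AllowedSystemExtensions": {TEAM_ID: [BUNDLE_ID]}},
        {"PayloadType": "com.apple.TCC.configuration-profile-policy",
         "Services": {"SystemPolicyAllFiles": [{"Identifier": BUNDLE_ID,
             "IdentifierType": "bundleID", "CodeRequirement": CODE_REQ, "Allowed": True}]}},
        {"PayloadType": BUNDLE_ID, "EnvId": env_id, "RegistrationToken": token},
    ]})
if __name__ == "__main__":
    print(check_profile(sample_profile("ENV-ID-PLACEHOLDER", "")))
```

A signed profile must be unwrapped to a plain plist before `plistlib` can parse it. If your MDM splits the payloads across several profiles, the check reports the ones missing from each file, so combine the results across files.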

Installation

Once the required profile payloads have been pushed out to your environment, the Stairwell Forwarder for macOS can be deployed using your MDM and the process of your choosing. The most recent Stairwell Forwarder install package can be found on the Download Center.

❗️

If the profile payloads from the steps above are incorrect or not present before the installer runs, the installation will fail and require remediation.

Confirm Installation

  • Navigate to https://app.stairwell.com and log in
  • Click on Assets
  • Click on the newly created asset name(s) to confirm the retrieval of files
  • Take note of the data under All Objects

📘

It may take a few minutes for file ingestion to begin and show in the application.