Endpoint Privilege Management for Mac 5.7 Release Notes

September 8, 2020

New Features and Enhancements:

  • Updated to support Apple's new Endpoint Security architecture introduced in macOS 10.15 Catalina.
  • We now notify users of system extension notification deadline timeouts.

Issues Resolved:

  • Resolved an issue in which changing the maximum number of attempts for the retention period of a challenge code was not updated in the database when a policy was updated.
  • Resolved an issue involving strict password requirement policies, in which errors were not handled for generation of a daemon password, which resulted in failure to create an account.

Known Issues:

  • If 5.7 release is installed onto a 10.14 Mojave endpoint and the users update macOS to 10.15 Catalina, the new system extensions will not be enabled. The cause of this is within macOS. We have opened an Apple Feedback ticket for this and suggest the customer raise one too. As a work around, the following commands can be run to enable system extension: 
    spctl -a -vvv -t install /Applications/PrivilegeManagement.app
/Applications/PrivilegeManagement.app/Contents/MacOS/PrivilegeManagement activate

    This will allow the system extensions to be activated as a normal install.

  • If you attempt to install Privilege Management for Mac 5.7 on a Big Sur endpoint, you may notice that the PrivilegeManagement.app has not started, which can be confirmed if the application icon is not present in the menu bar. The workaround for this is to restart the endpoint, which will resolve the issue. We plan to resolve this issue in the next release of Privilege Management for Mac.
  • With the new .mobileConfig file provided in the release during the upload to a Jamf instance, the system extension approval section may be blank, which seems to be an issue with Jamf’s upload implementation. We have opened a service ticket with Jamf for this issue. The current workaround is to complete the System Extensions section of the profile in Jamf, and should have the following details:
    • Enable Allow User to approve system extension
    • Display Name: Privilege Management for Mac
    • System Extension Types: Allowed System extensions
    • Team Identifier: 2ZS8T6NYB8
    • Allowed System Extensions: com.beyondtrust.endpointsecurity

 

Compatibility:

  • Endpoint Privilege Management Policy Editor 5.6
  • Endpoint Privilege Management ePO Extension 5.7
  • Endpoint Privilege Management Console Adapter 2.4
  • BeyondInsight Adapter 5.6

If you have a business requirement to downgrade the Mac client, please first uninstall the currently installed version.

Supported Operating Systems:

  • macOS 10.15 Catalina
  • macOS 10.14 Mojave
  • macOS 10.13 High Sierra