macOS Agent Utility
IBM Security includes a UI-based macOS Agent Utility implemented as a preference pane. The utility provides functionality previously only available via Terminal shell commands. The utility allows customers to easily troubleshoot by
- checking an endpoint status.
- view an endpoint cache.
It also offers UI-guided means to
- register the agent with the server.
- update the endpoint to retrieve latest policies.
Accessing the Agent Utility
To access the Verify Privilege Manager macOS Agent Utility, use any of the following methods.
-
Select the Agent Utility icon in the menu bar (if present) and select Agent Utility from the menu.
-
Open System Settings (System Preferences on macOS 12 Monterey and earlier); choose Privilege Manager, then select Open Agent Utility.
-
In the Finder, open the Applications folder and double-click the Privilege Manager icon.
General Tab
When a local admin user opens the utility, the controls to make changes are unlocked. For standard users they are locked, but can be unlocked by clicking the icon and entering an administrator's user name and password.
On the General tab, under Agent Information, the utility provides details like the computer's name, agent ID, the number of applicable policies and client items cached. It also provides the date/time stamp of the last update.
Under Server Information, the Server URL for the current agent registration is listed. Here, administrator users can either Register a not yet registered agent, or Modify an existing agent registration.
Use Update Client Items to trigger a client item update. When Update Client Items is selected, and if there are updates to applicable policies or policies are added to the endpoint, the last updated time stamp will change to reflect when the last client items change on the endpoint happened. The date/time stamp does not reflect when the last update client items command ran, the date/time stamp only updates when there was an actual change on the endpoint.
Registering/Modifying an Agent
To register an agent or to modify an existing agent registration via the Agent Utility, follow these steps:
-
Open the Verify Privilege Manager Agent Utility.
-
On the General tab under Server Information, click Register or Modify.
- Enter the Server URL for the agent registration or modified registration.
- If the agent has been installed without an install code or the agent's registration was revoked, provide an install code to register the agent.
- Click Save.
Client Items Tab
The Client Items tab provides an overview of all client items on the endpoint. The client items are grouped into the following categories:
- Policies
- Actions
- Commands
- Filters
- Provisioned Resources
The following image shows the client items on the endpoint with policies expanded.
Use expand or collapse to better navigate through the list of applicable client items on the endpoint. The following image shows the client items on the endpoint with policies, commands, filters, and provisioned resources collapsed.