Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1093
Views
0
Helpful
0
Replies

Automating removal of Cisco AnyConnect on Big via Jamf (or other MDMs)

cmcintosh
Level 1
Level 1

‎12-13-2021 04:46 AM

Here is a script I made to remove old installations via Jamf Self Service of Cisco AnyConnect that were done back before a choices.xml file was used.

#!/bin/bash
#This script will uninstall the full install of Cisco AnyConnect with all the modules
# It will first look for the existance of the dart installer. If it is there, it will run.
# then it will run the full anyconnect uninstaller. After that is completed, then we can install
# the new version of Cisco Anywhere that only installs the VPN component.

if [ -e "/opt/cisco/anyconnect/bin/dart_uninstall.sh" ]
then
	/opt/cisco/anyconnect/bin/dart_uninstall.sh
else echo "no DART to remove"	
fi
/opt/cisco/anyconnect/bin/anyconnect_uninstall.sh
exit 0

It works great... with the exception that in Big Sur and Mojave (I haven't tested other versions), it throws up the following dialog:

Screen Shot 2021-12-13 at 7.41.29 AM.png 

Obviously the point of running things in Self Service is so end users don't have to get an admin to authenticate for them. Does anyone know how I can make this alert not come up while running the Cisco-provided scripts for uninstallation? 

According to the logs it looks like /usr/bin/kmutil us being called upon for some reason, but if the Cisco uninstall script is running as root, why is that superuser privilege not extended to commands spun off from it? Or is it?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents