Netskope Help

Install the Netskope Client in IdP Mode and Enroll Users For Mac
  1. The Netskope Client (v71 and above) can be installed a couple of ways for IdP mode:

    • Install NSClient.pkg without any parameters (This will prompt the user for the Netskope tenant name, and then ADFS login details.)

    • Install NSClient.pkg with IdP parameters in multi-user mode (This will prompt user for ADFS login details only.)

    • Install NSClient.pkg with IdP parameters in multi-user mode using JAMF software deployment tool (This will prompt user for ADFS login details only.)

    Note

    The latest JAMF scripts can be downloaded from Netskope support portal here.

    The third option is recommended, but this document describes the second option, the deployment that uses JAMF script and does not leverage the JAMF service.

    You need Admin rights to deploy the Netskope Client on to the endpoints.

  2. Download the NSClient.pkg installer to your download folder on the MAC. You can download the Netskope Client for MAC from your Home POP:

    https://download-<tenant name>.goskope.com/dlr/mac/get

    https://download-<tenant name>.eu.goskope.com/dlr/mac/get

    https://download-<tenant name>.de.goskope.com/dlr/mac/get

  3. Download the JAMF Script from Netskope support portal to your downloads folder on the MAC, and give appropriate permissions to the script as shown:

    sudo chmod 755 jamfnsclientconfig_v9.sh

    Note

    The version number v9 of the script may change after updates occur.

  4. Run the script once with the parameter as shown below. This script requires a few parameters including:

    • Few dummy placeholder parameters

    • Mode IdP

    • Tenant prefix and domain

    • Requestemail (0/1)

    • Peruserconfig (to allow for this to be installed for multiple users)

    The script needs to be run with elevated permissions as certain directories are created to store the initial files.

    For IdP mode usage:

    jamfnsclientconfig.sh <dummy param 1> <dummy param 2> <dummy param 3> idp <domain> <tenant> <requestEmail 1/0> [peruserconfig]

    Example: The script with provided values is shown for tenant (lab.goskope.com)

    sudo ./jamfnsclientconfig_v9.sh 1 2 3 idp goskope.com LAB 0 peruserconfig
    • Installation is configured for peruserconfig mode

    • Installation is configured for IdP mode install

    • Param1 1 Param2 2 Param3 3

    • All Logged in user names: labuser01

    • Logged in user name: labuser01

    • User name is 3 length 1

    • IdP Service Provider Domain is goskope.com

    • IdP Service Provider Tenant key is LAB

    Double-click on the NSClient.pkg installer downloaded in previous steps

  5. Installation will start and prompt for User Account Control to authorize the app. After installation completes, click Finish.

    image49.png
  6. This will prompt you for ADFS login ID and password. This window will continue to prompt you until credentials have been entered. Enter your credentials and click Sign-in.

  7. After a successful login, the Netskope Client will validate the email address of the user in the tenant and download the configuration files from the tenant.

    image53.png
  8. After configurations files have been downloaded successfully, the Client will enroll itself and display Enrolled successfully. Click X to close the window, or it will auto-close in 5 seconds.

    image54.png
  9. Right-click the Client and select Configuration. This will display the email address, gateway, and organization name registered on the device.

    image58.png
    image59.png
  10. User can also Unenroll if the option is enabled in the tenant under Settings > Active Platform > Devices > Client Configurations.

    image79.png