Can you enable Netskope Client via command line?

We are looking for same solution. 

Hi @Indu, after doing some additional research I've come up with a potential solution on Macs. This workaround kills the Netskope process and renames the Netskope folder in Application Support, which successfully disables Netskope.

Renaming the folder back to "Netskope" and reinstalling the NSClient PKG re-activates Netskope without any interaction from users!

If Netskope comes up with an official solution I'm all ears though 🙂 

Hi @mpray 

Interesting to have your comments here 😊

With R105 we've introduced a new flag that will automatically re-enable the client after restarting the service. This feature applies to user disabled clients and will not affect admin disabled clients. 

overrideUserDisableAfterLogin 
Release notes here.

Introduced a feature flag overrideUserDisableAfterLogin to override the user disabling Client after restart or logoff/login. When the flag is enabled and user disables the Client, it automatically enables the Client after the user:

Does this feature flag require the 105 client or will it work with older clients? I tried testing this with 104 installed but with the feature flag enabled and it didn't work.

I forgot to mention that this feature applies to user disabled clients and will not affect admin disabled clients. Did you test against a user disabled client?

I've updated the my original reply to include this information.

Yes, we did a user disable - waited a couple hours and rebooted the laptop. The agent never re-enabled. We had to manually enable it. Again, it was a 104 build, not 105. So is 105 client a requirement in addition to the feature flag?

Yes, Netskope Client R105 or above is a requirement. I've opened a DOC ticket to get the release notes updated so that is clear. We will also update the release notes with some of the information I've provided in my post as to the name of the flag (overrideUserDisableAfterLogin is a backend flag that is not exposed in our frontend systems) as well as additional note and the condition of restarting the service.

Example of what your device page would look like when using this feature. I've disabled the client (user disabled), then logged out and logged back in. The status updates are posted from the client ~5min so I did wait, got the device update, then proceeded with the next step of testing.

Thanks mpray, R105 feature flag “AutoStart NSClient with Reboot/Relogin” comes close to our requirement. Additional to this, following powershell script every day (for users who don't reboot/re-login for days) can re-enable NS client with agent service restart.

$my_service_name = "stAgentSvc";

$my_service_status = (Get-Service $my_service_name).Status;

if ($my_service_status -eq "stopped")

{

Restart-Service stAgentSvc

}

The MacOS commands do not work on my device despite being on the correct version of Netskope. Do I need to have AutoStart NSClient with Reboot/Relogin enabled as well?

Above commands are for Windows.

Yes, feature flag "AutoStart NSClient with Reboot/Relogin" has to be enabled in the backend by Netskope Support to use those commands on Windows.

Thanks for the update @Indu ! An earlier post by @mpray included a screenshot with Terminal commands that can be run on Mac, suggesting this is possible on Mac as well.

My question was specifically asking if "AutoStart NSClient with Reboot/Relogin" is required for those Mac commands to work, as I have found that they do not work in my testing.

In my original post, I gave an example of the output of one of the Mac commands:

/Library/LaunchDaemons/com.netskope.stagentsvc.plist: No such file or directory
Unload failed: 2: No such file or directory

Hello,

Checking in on this? Any updates?