InvestigAItor

JAMF Deployment (macOS)

Deploy InvestigAItor to macOS devices managed with JAMF Pro. The extension installs silently into Chrome and enrolls automatically using managed preferences.

Tip: Sign in to the admin dashboard and refresh this page to see your enrollment key pre-filled.

Prerequisites

  • JAMF Pro with device management enabled
  • Google Chrome installed on target Macs
  • Your Enrollment Key from the InvestigAItor admin dashboard (Settings → General)

Step 1: Create a Configuration Profile

  1. In JAMF Pro, go to Computers → Configuration Profiles → New
  2. Name it InvestigAItor Extension
  3. Set the level to Computer Level

Step 2: Add the force-install policy

  1. In the profile, click Application & Custom Settings → Custom Schema
  2. Set the preference domain to: com.google.Chrome
  3. Add the following property list content:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
  "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>ExtensionInstallForcelist</key>
  <array>
    <string>ncibbcpcjhieaffkncaeemcfihlhkcdg;https://investigaitor.org/extension-update.xml</string>
  </array>
</dict>
</plist>

Step 3: Add managed configuration (silent enrollment)

Add a second Custom Settings payload (or extend the same one) with the managed extension policy.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
  "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>3rdparty</key>
  <dict>
    <key>extensions</key>
    <dict>
      <key>ncibbcpcjhieaffkncaeemcfihlhkcdg</key>
      <dict>
        <key>enrollmentKey</key>
        <string>YOUR_ENROLLMENT_KEY</string>
        <key>userName</key>
        <string>$USER</string>
        <key>deviceName</key>
        <string>$HOSTNAME</string>
      </dict>
    </dict>
  </dict>
</dict>
</plist>

Replace YOUR_ENROLLMENT_KEY with the enrollment key from your admin dashboard.

What the variables do:

Variable
Purpose
$USER
Logged-in macOS username for billing and attribution
$HOSTNAME
Machine hostname for device identification

Step 4: Scope and deploy

  1. Under the Scope tab, add the target computers or smart groups
  2. Click Save
  3. The profile pushes on the next JAMF check-in

Step 5: Verify

  • On the Mac: Open Chrome and go to chrome://policy. Confirm ExtensionInstallForcelist is present
  • On the Mac: Open chrome://extensions. InvestigAItor should show as Installed by enterprise policy
  • In the dashboard: Go to Devices. The Mac should appear within a few minutes

Edge on macOS

To deploy to Microsoft Edge on macOS instead of Chrome, use the preference domain com.microsoft.Edge and the same policy keys.

Incognito and Guest mode

To enable monitoring in Incognito, add the extension ID to the Incognito allow-list in your Chrome managed preferences. To prevent bypass via Guest mode, set BrowserGuestModeEnabled to false in your Chrome configuration profile.

Having issues? See the Troubleshooting page.