With the release of OS High Sierra 10.13.4, I have found myself with notification prompting about allowing Kernel Extension for certain applications (Cylance,etc..)
Since I mostly use JAMF, the recent release of JAMF Pro 10.3 enables us to deploy a profile that will allow us to handle this prior to installation and for the user.
Following instructions from a post of Graham Gilbert, I was able to easily pull the IDs I needed from a computer that had successfully enabled the kernel extension.
Launch Terminal: sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy
Then: SELECT * FROM kext_policy;
Once you have the IDs (It will be a 10 characters string), go into the Configuration Profiles in JAMF Pro and Click New
In General, Enter the name of your choosing i.e Approved Kernel Extensions
We also want to make sure it’s installed at the computer level
Click Configure, on the new displayed page we will enter the ID under Team ID, I would also use the display name to match the app we are enabling so here Cylance, Inc. and then enter the Team ID.
If you want to be more restrictive in allowing only some kernel extensions, use the kernel extension bundle option where you will enter the bundle specific information i.e com.Cylance.CyProtectDrvOSX
and with this, only the bundle specific will be approve should there be more bundle under the same Team ID
Repeat for all the Kernel Extensions you would like to approve and once done, scope it to the users you want and save to push it.