![]() This is helpful for scoping policies to specific groups, and works well in conjunction with policies and profiles to be applied through Self Service APIaddtoStaticGroup adds the computer the script is run on to a Jamf Pro Static Group by its ID number via the API.APIaddAdmin adds the user registered in the JSS to the admin list.Then by using this information you can do customization based on information in your inventory already, or uploaded to inventory preload. Several scripts are using the Jamf API to pull data like the asset tag or assigned user. Some scripts which are not Jamf specific are now located in MacAdminScripts API Scripts I've added interactivity for testing the scripts in most cases so it will prompt if the variable is not passed. I reccomend customizing the fields in Jamf Admin to make it easier to create policies. If you need the script to use a custom value that’s not in one of the built-in variables, create an extension attribute in Settings and upload the values for each computer using MUT or your own API script.Scripts I use to customize systems with parameters and API access.Īll scripts are using the $4, $5, $6 (etc) parameters as provided by Jamf Pro. You can send many settings and use any of the available profile variables. That’s not an example of anything you’d actually want to do… it’s just to illustrate the technique. There will now be a file called “READ ME janedoe!.txt” on the admin user’s desktop. (Wait for scheduled check-in, call it with “sudo jamf policy” in terminal, or set the policy up in Self Service and run it from there…). Create a policy with that script, scope it to a test computer and run it. So my schema is pretty simple… we use when we specify a static parameter in policy settings, we use “defaults read” to pull the value out of the Script preference configuration profile…ħ. I just want my script to have access to the username to which the Mac has been assigned in Jamf Pro inventory. Then you’re going to upload a schema to explain what parameters you want to use in your script. You can enter whatever you want in Preference Domain, but usually these follow the same scheme Apple uses for their preference files, like “”. ![]() ![]() Go down to “Application & Custom Settings” in the payloads list and add an “External Application”.I called mine “Script Preference” and set it to install to computer level. I want a file on every desktop named “Read me, !.txt Write the values you need in your script to the device using a Jamf Pro external application settings profile then read them into your script with “defaults read”. That is a potentially dangerous practice since the user or someone that’s pwned their device to get at them. But that requires us to provide API credentials to the clients. There’s some talk on Jamf Nation about pulling the values down to the running script via API. Jamf doesn’t replace that with the actual username assigned to the computer the way it does when distributing profiles. The script runs and the value of $4 is literally “$USERNAME”. If you’re like me, you’d look in the Admin Guide under Policy Scripts and find no mention of any kind of variable parameters there, and then try entering $USERNAME into a parameter value and running the policy just to see if it works. In the example URL below, “id=2” indicates the extension attribute ID number:įor more information, see Computer Extension Attributes. (computer-level profiles only)Username of the user logging in to the computerĮxtension Attribute ID Number Note: The ID number is found in the extension attribute URL. Username associated with the computer in Jamf Pro You’re probably familiar with the many variables we can use when construction profiles. ($1.$3 are automatically populated with some commonly used values - mount point, computer name, and username.) But what if we need to run the script with different parameter value for each computer? Then when adding the script to a policy, we could tell Jamf to send a value to use when running the script and it would show up in “$4”. For a shell script these would be $1.$11. ![]() In Jamf Pro you can add a script under Settings and label the parameters.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |