├── JC_CSVUserImport.sh ├── JC_CheckAgentPorts.sh ├── JC_CommandTriggerExample.sh ├── JC_RunCommandExample.sh ├── JC_SetSystemSSHConfigs.sh ├── JC_UserImport.sh ├── LICENSE ├── README.md └── RenameMacUserNameAndHomeDirectory.sh /JC_CSVUserImport.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ######################################################################################### 4 | # 5 | # JC_CSVUserImport.sh - imports users from a CSV file into JumpCloud(tm) 6 | # 7 | # This script accepts a .csv file as an argument, in either of the following forms: 8 | # 9 | # 1. login,email 10 | # 2. email 11 | # 12 | # and loads them as system users into JumpCloud. If #2, the user name portion of the 13 | # email is used to create the account. As is normal for JumpCloud, any newly-added 14 | # users will receive an email prompting them to set up their password, SSH public 15 | # key, and Google Authenticator. 16 | # 17 | # If you have any questions or problems with the operation of this script, please 18 | # contact support@jumpcloud.com. 19 | # 20 | # License: This script is made available by JumpCloud under the 21 | # Mozilla Public License v2.0 (https://www.mozilla.org/MPL/2.0/) 22 | # 23 | # Author: James D. Brown (james@jumpcloud.com) 24 | # Created: Fri, Apr 11, 2014 25 | # 26 | # Copyright (c) 2014 JumpCloud, Inc. 27 | # 28 | ######################################################################################### 29 | 30 | ###### 31 | # -------------------------- START USER CUSTOMIZATION SECTION -------------------------- 32 | ###### 33 | 34 | # 35 | # To obtain your API key, login to the JumpCloud console, and using your user account 36 | # menu in the upper right corner of the screen, select "API Settings". 37 | # 38 | jumpCloudAPIKey="" 39 | 40 | ###### 41 | # --------------------------- END USER CUSTOMIZATION SECTION --------------------------- 42 | ###### 43 | 44 | sourceFiles="${*}" 45 | 46 | if [ "$#" -lt 1 ] 47 | then 48 | echo "Usage: $0 [[] ... ]" 49 | exit 1 50 | fi 51 | 52 | APIKeyIsValid() { 53 | login="${1}" 54 | 55 | result=`curl --silent \ 56 | -d "{\"filter\": [{\"username\" : \"${login}\"}]}" \ 57 | -X 'GET' \ 58 | -H 'Content-Type: application/json' \ 59 | -H 'Accept: application/json' \ 60 | -H "x-api-key: ${jumpCloudAPIKey}" \ 61 | "https://console.jumpcloud.com/api/systemusers"` 62 | 63 | if [ "${result}" = "Unauthorized" ] 64 | then 65 | return 1 66 | fi 67 | 68 | return 0 69 | } 70 | 71 | findAccountInJumpCloud() { 72 | login="${1}" 73 | 74 | curl --silent \ 75 | -d "{\"filter\": [{\"username\" : \"${login}\"}]}" \ 76 | -X 'POST' \ 77 | -H 'Content-Type: application/json' \ 78 | -H 'Accept: application/json' \ 79 | -H "x-api-key: ${jumpCloudAPIKey}" \ 80 | "https://console.jumpcloud.com/api/search/systemusers" 81 | } 82 | 83 | addAccountToJumpCloud() { 84 | login="${1}" 85 | email="${2}" 86 | 87 | result=`curl --silent \ 88 | -d "{\"email\" : \"${email}\", \"username\" : \"${login}\" }" \ 89 | -X 'POST' \ 90 | -H 'Content-Type: application/json' \ 91 | -H 'Accept: application/json' \ 92 | -H "x-api-key: ${jumpCloudAPIKey}" \ 93 | "https://console.jumpcloud.com/api/systemusers"` 94 | 95 | if [ `echo "${result}" | grep -c '"status"'` -eq 1 ] 96 | then 97 | echo "${result}" 98 | fi 99 | } 100 | 101 | normalizeCSV() { 102 | files="${*}" 103 | 104 | cat ${files} | tr "\r" "\n" | gawk -F',' '{ 105 | login=""; 106 | email=""; 107 | 108 | # Is this a heading line? 109 | if (NR == 1 && NF == 2 && $2 !~ /@/) { 110 | 111 | # Yep, looks like a header, skip it 112 | next; 113 | } 114 | 115 | # Remove any double-quotes 116 | gsub(/"/, ""); 117 | 118 | if (NF == 1) { 119 | len=split($0, parts, /@/); 120 | 121 | if (len == 2) { 122 | login=parts[1]; 123 | email=$0; 124 | } 125 | } else if (NF == 2) { 126 | login=$1; 127 | email=$2; 128 | } 129 | 130 | printf("%s,%s\n", login, email); 131 | }' - 132 | } 133 | 134 | APIKeyIsValid 135 | 136 | if [ ${?} -eq 1 ] 137 | then 138 | echo "ERROR: The API key is unauthorized." 139 | exit 1 140 | fi 141 | 142 | for file in ${sourceFiles} 143 | do 144 | if [ ! -r "${file}" ] 145 | then 146 | echo "${file}: does not exist" 147 | 148 | continue; 149 | fi 150 | 151 | normalizeCSV "${file}" | while read line 152 | do 153 | login=`echo ${line} | awk -F',' '{ print $1; }' -` 154 | email=`echo ${line} | awk -F',' '{ print $2; }' -` 155 | 156 | # 157 | # Account already in JumpCloud? 158 | # 159 | if [ `findAccountInJumpCloud "${login}" | grep -c "\"totalCount\":1"` -eq 1 ] 160 | then 161 | echo "${login}: already exists in JumpCloud" 162 | else 163 | echo -n "Adding ${login} (${email}): " 164 | 165 | # 166 | # Nope, add it 167 | # 168 | result=`addAccountToJumpCloud "${login}" "${email}"` 169 | 170 | if [ ! -z "${result}" ] 171 | then 172 | echo "ERROR: ${result}" 173 | else 174 | echo "SUCCESS" 175 | fi 176 | fi 177 | done 178 | done 179 | 180 | exit 0 -------------------------------------------------------------------------------- /JC_CheckAgentPorts.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ######################################################################################### 4 | # 5 | # JC_CheckAgentPorts.sh - Verifies that all the necessary agent ports are open, to help 6 | # diagnose potential installation or connectivity problems. 7 | # 8 | # If you have any questions or problems with the operation of this script, please 9 | # contact support@jumpcloud.com. 10 | # 11 | # License: This script is made available by JumpCloud under the 12 | # Mozilla Public License v2.0 (https://www.mozilla.org/MPL/2.0/) 13 | # 14 | # Author: James D. Brown (james@jumpcloud.com) 15 | # Created: Tue, Aug 5, 2014 16 | # 17 | # Copyright (c) 2014 JumpCloud, Inc. 18 | # 19 | ######################################################################################### 20 | 21 | servers="agent.jumpcloud.com kickstart.jumpcloud.com" 22 | ports="443" 23 | 24 | # 25 | # Set the pathes of the following commands as appropriate for your server 26 | # 27 | CURL="/usr/bin/curl" 28 | NSLOOKUP="/usr/bin/nslookup" 29 | 30 | getIpList() { 31 | hostname=$1 32 | 33 | ${NSLOOKUP} ${hostname} | awk '{ 34 | if ($0 == "Non-authoritative answer:") { 35 | inAnswer=1; 36 | } 37 | 38 | if (inAnswer == 1 && $1 == "Address:") { 39 | print $2; 40 | } 41 | }' - 42 | } 43 | 44 | for file in ${CURL} ${NSLOOKUP} 45 | do 46 | if [ ! -x "${file}" ] 47 | then 48 | echo "Path is not set correctly for ${file}, please correct and re-run" 49 | 50 | exit 1 51 | fi 52 | done 53 | 54 | echo "JumpCloud Agent Connection Verification Utility" 55 | echo "-----------------------------------------------" 56 | 57 | for name in ${servers} 58 | do 59 | ipList=`getIpList ${name}` 60 | 61 | if [ -z "${ipList}" ] 62 | then 63 | echo "ERROR: Could not resolve IPs for ${name}" 64 | echo "" 65 | echo "Results:" 66 | ${NSLOOKUP} ${name} 67 | fi 68 | 69 | for ip in ${ipList} 70 | do 71 | for port in ${ports} 72 | do 73 | echo -n "${name} (${ip}):${port}: " 74 | 75 | ${CURL} --connect-timeout 3 https://${ip}:${port} 1>/dev/null 2>&1 76 | 77 | err=$? 78 | 79 | # 80 | # No connect or connect timeout? 81 | # 82 | if [[ ${err} -eq 7 || ${err} -eq 28 ]] 83 | then 84 | echo "FAIL (err=${err})" 85 | else 86 | echo "OK" 87 | fi 88 | done 89 | done 90 | done 91 | 92 | exit 0 93 | -------------------------------------------------------------------------------- /JC_CommandTriggerExample.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ######################################################################################### 4 | # 5 | # JC_CommandTriggerExample.sh - An example demonstrating how to call a Command Trigger 6 | # on JumpCloud 7 | # 8 | # If you have any questions or problems with the operation of this script, please 9 | # contact support@jumpcloud.com. 10 | # 11 | # License: This script is made available by JumpCloud under the 12 | # Mozilla Public License v2.0 (https://www.mozilla.org/MPL/2.0/) 13 | # 14 | # Author: James D. Brown (james@jumpcloud.com) 15 | # Created: Mon, Apr 14, 2014 16 | # 17 | # Copyright (c) 2014 JumpCloud, Inc. 18 | # 19 | ######################################################################################### 20 | 21 | ###### 22 | # -------------------------- START USER CUSTOMIZATION SECTION -------------------------- 23 | ###### 24 | 25 | # 26 | # To obtain your API key, login to the JumpCloud console, and using your user account 27 | # menu in the upper right corner of the screen, select "API Settings". 28 | # 29 | jumpCloudAPIKey="" 30 | 31 | ###### 32 | # --------------------------- END USER CUSTOMIZATION SECTION --------------------------- 33 | ###### 34 | 35 | triggerNames="${*}" 36 | 37 | if [ "$#" -lt 1 ] 38 | then 39 | echo "Usage: $0 [[] ... ]" 40 | exit 1 41 | fi 42 | 43 | APIKeyIsValid() { 44 | login="${1}" 45 | 46 | result=`curl --silent \ 47 | -d "{\"filter\": [{\"username\" : \"${login}\"}]}" \ 48 | -X 'GET' \ 49 | -H 'Content-Type: application/json' \ 50 | -H 'Accept: application/json' \ 51 | -H "x-api-key: ${jumpCloudAPIKey}" \ 52 | "https://console.jumpcloud.com/api/systemusers"` 53 | 54 | if [ "${result}" = "Unauthorized" ] 55 | then 56 | return 1 57 | fi 58 | 59 | return 0 60 | } 61 | 62 | callTriggerByName() { 63 | 64 | triggerName="${1}" 65 | 66 | curl --silent \ 67 | -X 'POST' \ 68 | -H "x-api-key: ${jumpCloudAPIKey}" \ 69 | "https://console.jumpcloud.com/api/command/trigger/${triggerName}" 70 | } 71 | 72 | APIKeyIsValid 73 | 74 | if [ ${?} -eq 1 ] 75 | then 76 | echo "ERROR: The API key is unauthorized." 77 | exit 1 78 | fi 79 | 80 | for trigger in ${triggerNames} 81 | do 82 | callTriggerByName "${trigger}" 83 | done 84 | 85 | exit 0 86 | -------------------------------------------------------------------------------- /JC_RunCommandExample.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ######################################################################################### 4 | # 5 | # JC_RunCommandExample.sh - An example of running a command via the JumpCloud(tm) 6 | # runCommand API. This allows Command Runner users to execute commmands directly 7 | # via the API, since as of this writing, they cannot access the Triggers API. 8 | # 9 | # This script exports the commands saved and accessible by the API key provided, and 10 | # lets you run a commmand by that user, as if it were executed by the "Run Now" button 11 | # in the JumpCloud Commands tab. 12 | # 13 | # If you have any questions or problems with the operation of this script, please 14 | # contact support@jumpcloud.com. 15 | # 16 | # License: This script is made available by JumpCloud under the 17 | # Mozilla Public License v2.0 (https://www.mozilla.org/MPL/2.0/) 18 | # 19 | # Author: James D. Brown (james@jumpcloud.com) 20 | # Created: Mon, Jul 7, 2014 21 | # 22 | # Copyright (c) 2014 JumpCloud, Inc. 23 | # 24 | ######################################################################################### 25 | 26 | ###### 27 | # -------------------------- START USER CUSTOMIZATION SECTION -------------------------- 28 | ###### 29 | 30 | # 31 | # To obtain your API key, login to the JumpCloud console, and using your user account 32 | # menu in the upper right corner of the screen, select "API Settings". 33 | # 34 | jumpCloudAPIKey="" 35 | 36 | getCommands() { 37 | curl --silent \ 38 | -X 'GET' \ 39 | -H 'Content-Type: application/json' \ 40 | -H 'Accept: application/json' \ 41 | -H "x-api-key: ${jumpCloudAPIKey}" \ 42 | "https://console.jumpcloud.com/api/commands" 43 | } 44 | 45 | getCommandById() { 46 | id="${1}" 47 | 48 | curl --silent \ 49 | -X 'GET' \ 50 | -H 'Content-Type: application/json' \ 51 | -H 'Accept: application/json' \ 52 | -H "x-api-key: ${jumpCloudAPIKey}" \ 53 | "https://console.jumpcloud.com/api/commands/${id}" 54 | } 55 | 56 | showCommands() { 57 | 58 | # 59 | # Warning: For example purposes only, a comma within a field value, like a command name 60 | # or command string will break this... 61 | # 62 | # This excludes the complexity of adding a bashful JSON parser, but that's relatively 63 | # easy to add instead... 64 | # 65 | awk -F',' '{ 66 | for (i=1; i<=NF; i++) { 67 | print $i; 68 | } 69 | }' - | sed 's/"results":[[][{]"//g 70 | s/"//g 71 | s/^[{]//g 72 | s/\[}]$//g 73 | s/[}]//g 74 | s/[]]//g' | awk -F':' 'BEGIN { idx=1; } 75 | { 76 | if ($1 == "name") { 77 | name[idx]=$2; 78 | } else if ($1 == "command") { 79 | command[idx]=$2; 80 | } else if ($1 == "_id") { 81 | id[idx++]=$2; 82 | } 83 | } 84 | END { 85 | printf("%-26s\t%-20s\t%-40s\n", "ID", "Name", "Command"); 86 | 87 | for(i=1; i]" 117 | fi 118 | 119 | exit 0 -------------------------------------------------------------------------------- /JC_SetSystemSSHConfigs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | -------------------------------------------------------------------------------- /JC_UserImport.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ######################################################################################### 4 | # 5 | # JC_UserImport.sh - imports Linux users into JumpCloud(tm) 6 | # 7 | # This script provides two main benefits: 8 | # 9 | # 1. To help you identify existing users on your servers to either remove or add to 10 | # JumpCloud 11 | # 12 | # 2. To allow you to automatically add users to JumpCloud via a text list when they're 13 | # found on any server. 14 | # 15 | # NOTE: This script MUST be run as 'root' 16 | # 17 | # If you have any questions or problems with the operation of this script, please 18 | # contact support@jumpcloud.com. 19 | # 20 | # License: This script is made available by JumpCloud under the 21 | # Mozilla Public License v2.0 (https://www.mozilla.org/MPL/2.0/) 22 | # 23 | # Author: James D. Brown (james@jumpcloud.com) 24 | # Created: Mon, Apr 7, 2014 25 | # 26 | # Copyright (c) 2014 JumpCloud, Inc. 27 | # 28 | ######################################################################################### 29 | 30 | ###### 31 | # -------------------------- START USER CUSTOMIZATION SECTION -------------------------- 32 | ###### 33 | 34 | # 35 | # To obtain your API key, login to the JumpCloud console, and using your user account 36 | # menu in the upper right corner of the screen, select "API Settings". 37 | # 38 | jumpCloudAPIKey="" 39 | 40 | # 41 | # Define your user emails here: 42 | # 43 | # They should be of the form: 44 | # 45 | # LinuxLoginName:Email 46 | # 47 | # One per line. 48 | # 49 | # When these accounts are found, if they are not yet set up as a JumpCloud managed user, 50 | # they will be added to JumpCloud. 51 | # 52 | # NOTE: Root cannot be added as a JumpCloud user at this time. Doing so will create a 53 | # new user entry in /etc/passwd and /etc/shadow named 'root', but with a non-zero UID. 54 | # 55 | userAddEmailMap() { 56 | cat <<-EOF 57 | demouser:demouser_example@mycompany.com 58 | EOF 59 | } 60 | 61 | # 62 | # Define all user accounts to ignore here. This should include any user logins that you 63 | # do not wish JumpCloud to manage. Entries in this list are overridden by entries in the 64 | # userAddEmailMap. 65 | # 66 | # They should be of the form: 67 | # 68 | # LinuxLoginName 69 | # 70 | # One per line. 71 | # 72 | userIgnoreList() { 73 | cat <<-EOF 74 | guest 75 | EOF 76 | } 77 | 78 | 79 | # 80 | # Script code to follow should require no user modification. 81 | # 82 | shadowFile="/etc/shadow" 83 | 84 | # 85 | # This includes the names of default users created by installer packages. It is pre-pended 86 | # to the userIgnoreList, and generally should change only with new package or distro 87 | # updates. Entries in this list are overridden by entries in the userAddEmailMap. 88 | # 89 | defaultIgnoreList() { 90 | cat <<-EOF 91 | root 92 | bin 93 | daemon 94 | adm 95 | lp 96 | sync 97 | shutdown 98 | halt 99 | mail 100 | uucp 101 | operator 102 | games 103 | gopher 104 | ftp 105 | nobody 106 | dbus 107 | usbmuxd 108 | vcsa 109 | rpc 110 | rtkit 111 | nscd 112 | avahi-autoipd 113 | abrt 114 | rpcuser 115 | nfsnobody 116 | apache 117 | ntp 118 | saslauth 119 | postfix 120 | mysql 121 | hsqldb 122 | haldaemon 123 | pulse 124 | gdm 125 | sshd 126 | nslcd 127 | tcpdump 128 | mailnull 129 | smmsp 130 | sys 131 | man 132 | news 133 | proxy 134 | www-data 135 | backup 136 | list 137 | irc 138 | gnats 139 | libuuid 140 | syslog 141 | messagebus 142 | whoopsie 143 | landscape 144 | ubuntu 145 | EOF 146 | } 147 | 148 | joinIgnoreLists() { 149 | userIgnoreList 150 | defaultIgnoreList 151 | } 152 | 153 | getMatchRegex() { 154 | firstDone=0; 155 | 156 | userAddEmailMap | while read line 157 | do 158 | login=`echo ${line} | awk -F':' '{ print $1; }'` 159 | 160 | if [ ${firstDone} -eq 1 ] 161 | then 162 | echo -n "|" 163 | fi 164 | 165 | echo -n "^${login}$" 166 | 167 | firstDone=1 168 | done 169 | } 170 | 171 | runningAsRoot() { 172 | if [ `id -u` -eq 0 ] 173 | then 174 | return 0 175 | else 176 | echo "This script must be run as root. EXITING." 177 | 178 | return 1 179 | fi 180 | } 181 | 182 | # 183 | # Get the list of all shadow file lines that have an email associated with them 184 | # 185 | getAllAddUserAccounts() { 186 | matchList=`getMatchRegex | tr -d "^$"` 187 | 188 | grep -E "^(${matchList}):" ${shadowFile} 189 | } 190 | 191 | # 192 | # Get the list of all user accounts without an email mapping, and which are ignored 193 | # 194 | getAllMissedUserAccounts() { 195 | matchList=`getMatchRegex | tr -d "^$"` 196 | 197 | grep -Ev "^${matchList}:" ${shadowFile} | while read line 198 | do 199 | login=`echo ${line} | awk -F':' '{ print $1; }' -` 200 | 201 | if [ `joinIgnoreLists | grep -c "${login}"` -eq 0 ] 202 | then 203 | # 204 | # Does the user not exist in JumpCloud already? 205 | # 206 | if [ `findAccountInJumpCloud "${login}" | grep -c "\"totalCount\":1"` -eq 0 ] 207 | then 208 | echo -n " ${login}" 209 | fi 210 | fi 211 | done 212 | } 213 | 214 | APIKeyIsValid() { 215 | login="${1}" 216 | 217 | result=`curl --silent \ 218 | -d "{\"filter\": [{\"username\" : \"${login}\"}]}" \ 219 | -X 'GET' \ 220 | -H 'Content-Type: application/json' \ 221 | -H 'Accept: application/json' \ 222 | -H "x-api-key: ${jumpCloudAPIKey}" \ 223 | "https://console.jumpcloud.com/api/systemusers"` 224 | 225 | if [ "${result}" = "Unauthorized" ] 226 | then 227 | return 1 228 | fi 229 | 230 | return 0 231 | } 232 | 233 | findAccountInJumpCloud() { 234 | login="${1}" 235 | 236 | curl --silent \ 237 | -d "{\"filter\": [{\"username\" : \"${login}\"}]}" \ 238 | -X 'POST' \ 239 | -H 'Content-Type: application/json' \ 240 | -H 'Accept: application/json' \ 241 | -H "x-api-key: ${jumpCloudAPIKey}" \ 242 | "https://console.jumpcloud.com/api/search/systemusers" 243 | } 244 | 245 | addAccountToJumpCloud() { 246 | login="${1}" 247 | 248 | email=`userAddEmailMap | grep "^${login}:" | awk -F':' '{ print $2; }' -` 249 | 250 | result=`curl --silent \ 251 | -d "{\"email\" : \"${email}\", \"username\" : \"${login}\" }" \ 252 | -X 'POST' \ 253 | -H 'Content-Type: application/json' \ 254 | -H 'Accept: application/json' \ 255 | -H "x-api-key: ${jumpCloudAPIKey}" \ 256 | "https://console.jumpcloud.com/api/systemusers"` 257 | 258 | if [ `echo "${result}" | grep -c '"status"'` -eq 1 ] 259 | then 260 | echo "" 261 | echo "" 262 | echo "ERROR: ${result}" 263 | else 264 | echo "SUCCESS" 265 | fi 266 | } 267 | 268 | runningAsRoot || exit 1 269 | 270 | APIKeyIsValid 271 | 272 | if [ ${?} -eq 1 ] 273 | then 274 | echo "ERROR: The API key is unauthorized." 275 | exit 1 276 | fi 277 | 278 | # 279 | # Do we have any users we don't know what to do with? 280 | # 281 | missed=`getAllMissedUserAccounts` 282 | 283 | if [ ! -z "${missed}" ] 284 | then 285 | echo "Unknown users (not in JumpCloud, userAddEmailMap, nor userIgnoreList):" 286 | echo "" 287 | echo " ${missed}" 288 | echo "" 289 | echo "Please add these users to one of the above locations, and re-run JCUserImport.sh" 290 | echo "" 291 | echo "Exiting with return code 1" 292 | exit 1 293 | fi 294 | 295 | addUsers=`getAllAddUserAccounts` 296 | 297 | for user in ${addUsers} 298 | do 299 | login=`echo "${user}" | awk -F':' '{ print $1; }' -` 300 | 301 | # 302 | # Is the user account NOT already in JumpCloud? 303 | # 304 | if [ `findAccountInJumpCloud "${login}" | grep -c "\"totalCount\":1"` -eq 0 ] 305 | then 306 | 307 | echo -n "${login}: Adding to JumpCloud: " 308 | 309 | # 310 | # Not there, let's add it 311 | # 312 | addAccountToJumpCloud "${login}" 313 | else 314 | echo "${login}: Already exists in JumpCloud" 315 | fi 316 | done 317 | 318 | exit 0 -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Mozilla Public License, version 2.0 2 | 3 | 1. Definitions 4 | 5 | 1.1. "Contributor" 6 | 7 | means each individual or legal entity that creates, contributes to the 8 | creation of, or owns Covered Software. 9 | 10 | 1.2. "Contributor Version" 11 | 12 | means the combination of the Contributions of others (if any) used by a 13 | Contributor and that particular Contributor's Contribution. 14 | 15 | 1.3. "Contribution" 16 | 17 | means Covered Software of a particular Contributor. 18 | 19 | 1.4. "Covered Software" 20 | 21 | means Source Code Form to which the initial Contributor has attached the 22 | notice in Exhibit A, the Executable Form of such Source Code Form, and 23 | Modifications of such Source Code Form, in each case including portions 24 | thereof. 25 | 26 | 1.5. "Incompatible With Secondary Licenses" 27 | means 28 | 29 | a. that the initial Contributor has attached the notice described in 30 | Exhibit B to the Covered Software; or 31 | 32 | b. that the Covered Software was made available under the terms of 33 | version 1.1 or earlier of the License, but not also under the terms of 34 | a Secondary License. 35 | 36 | 1.6. "Executable Form" 37 | 38 | means any form of the work other than Source Code Form. 39 | 40 | 1.7. "Larger Work" 41 | 42 | means a work that combines Covered Software with other material, in a 43 | separate file or files, that is not Covered Software. 44 | 45 | 1.8. "License" 46 | 47 | means this document. 48 | 49 | 1.9. "Licensable" 50 | 51 | means having the right to grant, to the maximum extent possible, whether 52 | at the time of the initial grant or subsequently, any and all of the 53 | rights conveyed by this License. 54 | 55 | 1.10. "Modifications" 56 | 57 | means any of the following: 58 | 59 | a. any file in Source Code Form that results from an addition to, 60 | deletion from, or modification of the contents of Covered Software; or 61 | 62 | b. any new file in Source Code Form that contains any Covered Software. 63 | 64 | 1.11. "Patent Claims" of a Contributor 65 | 66 | means any patent claim(s), including without limitation, method, 67 | process, and apparatus claims, in any patent Licensable by such 68 | Contributor that would be infringed, but for the grant of the License, 69 | by the making, using, selling, offering for sale, having made, import, 70 | or transfer of either its Contributions or its Contributor Version. 71 | 72 | 1.12. "Secondary License" 73 | 74 | means either the GNU General Public License, Version 2.0, the GNU Lesser 75 | General Public License, Version 2.1, the GNU Affero General Public 76 | License, Version 3.0, or any later versions of those licenses. 77 | 78 | 1.13. "Source Code Form" 79 | 80 | means the form of the work preferred for making modifications. 81 | 82 | 1.14. "You" (or "Your") 83 | 84 | means an individual or a legal entity exercising rights under this 85 | License. For legal entities, "You" includes any entity that controls, is 86 | controlled by, or is under common control with You. For purposes of this 87 | definition, "control" means (a) the power, direct or indirect, to cause 88 | the direction or management of such entity, whether by contract or 89 | otherwise, or (b) ownership of more than fifty percent (50%) of the 90 | outstanding shares or beneficial ownership of such entity. 91 | 92 | 93 | 2. License Grants and Conditions 94 | 95 | 2.1. Grants 96 | 97 | Each Contributor hereby grants You a world-wide, royalty-free, 98 | non-exclusive license: 99 | 100 | a. under intellectual property rights (other than patent or trademark) 101 | Licensable by such Contributor to use, reproduce, make available, 102 | modify, display, perform, distribute, and otherwise exploit its 103 | Contributions, either on an unmodified basis, with Modifications, or 104 | as part of a Larger Work; and 105 | 106 | b. under Patent Claims of such Contributor to make, use, sell, offer for 107 | sale, have made, import, and otherwise transfer either its 108 | Contributions or its Contributor Version. 109 | 110 | 2.2. Effective Date 111 | 112 | The licenses granted in Section 2.1 with respect to any Contribution 113 | become effective for each Contribution on the date the Contributor first 114 | distributes such Contribution. 115 | 116 | 2.3. Limitations on Grant Scope 117 | 118 | The licenses granted in this Section 2 are the only rights granted under 119 | this License. No additional rights or licenses will be implied from the 120 | distribution or licensing of Covered Software under this License. 121 | Notwithstanding Section 2.1(b) above, no patent license is granted by a 122 | Contributor: 123 | 124 | a. for any code that a Contributor has removed from Covered Software; or 125 | 126 | b. for infringements caused by: (i) Your and any other third party's 127 | modifications of Covered Software, or (ii) the combination of its 128 | Contributions with other software (except as part of its Contributor 129 | Version); or 130 | 131 | c. under Patent Claims infringed by Covered Software in the absence of 132 | its Contributions. 133 | 134 | This License does not grant any rights in the trademarks, service marks, 135 | or logos of any Contributor (except as may be necessary to comply with 136 | the notice requirements in Section 3.4). 137 | 138 | 2.4. Subsequent Licenses 139 | 140 | No Contributor makes additional grants as a result of Your choice to 141 | distribute the Covered Software under a subsequent version of this 142 | License (see Section 10.2) or under the terms of a Secondary License (if 143 | permitted under the terms of Section 3.3). 144 | 145 | 2.5. Representation 146 | 147 | Each Contributor represents that the Contributor believes its 148 | Contributions are its original creation(s) or it has sufficient rights to 149 | grant the rights to its Contributions conveyed by this License. 150 | 151 | 2.6. Fair Use 152 | 153 | This License is not intended to limit any rights You have under 154 | applicable copyright doctrines of fair use, fair dealing, or other 155 | equivalents. 156 | 157 | 2.7. Conditions 158 | 159 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in 160 | Section 2.1. 161 | 162 | 163 | 3. Responsibilities 164 | 165 | 3.1. Distribution of Source Form 166 | 167 | All distribution of Covered Software in Source Code Form, including any 168 | Modifications that You create or to which You contribute, must be under 169 | the terms of this License. You must inform recipients that the Source 170 | Code Form of the Covered Software is governed by the terms of this 171 | License, and how they can obtain a copy of this License. You may not 172 | attempt to alter or restrict the recipients' rights in the Source Code 173 | Form. 174 | 175 | 3.2. Distribution of Executable Form 176 | 177 | If You distribute Covered Software in Executable Form then: 178 | 179 | a. such Covered Software must also be made available in Source Code Form, 180 | as described in Section 3.1, and You must inform recipients of the 181 | Executable Form how they can obtain a copy of such Source Code Form by 182 | reasonable means in a timely manner, at a charge no more than the cost 183 | of distribution to the recipient; and 184 | 185 | b. You may distribute such Executable Form under the terms of this 186 | License, or sublicense it under different terms, provided that the 187 | license for the Executable Form does not attempt to limit or alter the 188 | recipients' rights in the Source Code Form under this License. 189 | 190 | 3.3. Distribution of a Larger Work 191 | 192 | You may create and distribute a Larger Work under terms of Your choice, 193 | provided that You also comply with the requirements of this License for 194 | the Covered Software. If the Larger Work is a combination of Covered 195 | Software with a work governed by one or more Secondary Licenses, and the 196 | Covered Software is not Incompatible With Secondary Licenses, this 197 | License permits You to additionally distribute such Covered Software 198 | under the terms of such Secondary License(s), so that the recipient of 199 | the Larger Work may, at their option, further distribute the Covered 200 | Software under the terms of either this License or such Secondary 201 | License(s). 202 | 203 | 3.4. Notices 204 | 205 | You may not remove or alter the substance of any license notices 206 | (including copyright notices, patent notices, disclaimers of warranty, or 207 | limitations of liability) contained within the Source Code Form of the 208 | Covered Software, except that You may alter any license notices to the 209 | extent required to remedy known factual inaccuracies. 210 | 211 | 3.5. Application of Additional Terms 212 | 213 | You may choose to offer, and to charge a fee for, warranty, support, 214 | indemnity or liability obligations to one or more recipients of Covered 215 | Software. However, You may do so only on Your own behalf, and not on 216 | behalf of any Contributor. You must make it absolutely clear that any 217 | such warranty, support, indemnity, or liability obligation is offered by 218 | You alone, and You hereby agree to indemnify every Contributor for any 219 | liability incurred by such Contributor as a result of warranty, support, 220 | indemnity or liability terms You offer. You may include additional 221 | disclaimers of warranty and limitations of liability specific to any 222 | jurisdiction. 223 | 224 | 4. Inability to Comply Due to Statute or Regulation 225 | 226 | If it is impossible for You to comply with any of the terms of this License 227 | with respect to some or all of the Covered Software due to statute, 228 | judicial order, or regulation then You must: (a) comply with the terms of 229 | this License to the maximum extent possible; and (b) describe the 230 | limitations and the code they affect. Such description must be placed in a 231 | text file included with all distributions of the Covered Software under 232 | this License. Except to the extent prohibited by statute or regulation, 233 | such description must be sufficiently detailed for a recipient of ordinary 234 | skill to be able to understand it. 235 | 236 | 5. Termination 237 | 238 | 5.1. The rights granted under this License will terminate automatically if You 239 | fail to comply with any of its terms. However, if You become compliant, 240 | then the rights granted under this License from a particular Contributor 241 | are reinstated (a) provisionally, unless and until such Contributor 242 | explicitly and finally terminates Your grants, and (b) on an ongoing 243 | basis, if such Contributor fails to notify You of the non-compliance by 244 | some reasonable means prior to 60 days after You have come back into 245 | compliance. Moreover, Your grants from a particular Contributor are 246 | reinstated on an ongoing basis if such Contributor notifies You of the 247 | non-compliance by some reasonable means, this is the first time You have 248 | received notice of non-compliance with this License from such 249 | Contributor, and You become compliant prior to 30 days after Your receipt 250 | of the notice. 251 | 252 | 5.2. If You initiate litigation against any entity by asserting a patent 253 | infringement claim (excluding declaratory judgment actions, 254 | counter-claims, and cross-claims) alleging that a Contributor Version 255 | directly or indirectly infringes any patent, then the rights granted to 256 | You by any and all Contributors for the Covered Software under Section 257 | 2.1 of this License shall terminate. 258 | 259 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user 260 | license agreements (excluding distributors and resellers) which have been 261 | validly granted by You or Your distributors under this License prior to 262 | termination shall survive termination. 263 | 264 | 6. Disclaimer of Warranty 265 | 266 | Covered Software is provided under this License on an "as is" basis, 267 | without warranty of any kind, either expressed, implied, or statutory, 268 | including, without limitation, warranties that the Covered Software is free 269 | of defects, merchantable, fit for a particular purpose or non-infringing. 270 | The entire risk as to the quality and performance of the Covered Software 271 | is with You. Should any Covered Software prove defective in any respect, 272 | You (not any Contributor) assume the cost of any necessary servicing, 273 | repair, or correction. This disclaimer of warranty constitutes an essential 274 | part of this License. No use of any Covered Software is authorized under 275 | this License except under this disclaimer. 276 | 277 | 7. Limitation of Liability 278 | 279 | Under no circumstances and under no legal theory, whether tort (including 280 | negligence), contract, or otherwise, shall any Contributor, or anyone who 281 | distributes Covered Software as permitted above, be liable to You for any 282 | direct, indirect, special, incidental, or consequential damages of any 283 | character including, without limitation, damages for lost profits, loss of 284 | goodwill, work stoppage, computer failure or malfunction, or any and all 285 | other commercial damages or losses, even if such party shall have been 286 | informed of the possibility of such damages. This limitation of liability 287 | shall not apply to liability for death or personal injury resulting from 288 | such party's negligence to the extent applicable law prohibits such 289 | limitation. Some jurisdictions do not allow the exclusion or limitation of 290 | incidental or consequential damages, so this exclusion and limitation may 291 | not apply to You. 292 | 293 | 8. Litigation 294 | 295 | Any litigation relating to this License may be brought only in the courts 296 | of a jurisdiction where the defendant maintains its principal place of 297 | business and such litigation shall be governed by laws of that 298 | jurisdiction, without reference to its conflict-of-law provisions. Nothing 299 | in this Section shall prevent a party's ability to bring cross-claims or 300 | counter-claims. 301 | 302 | 9. Miscellaneous 303 | 304 | This License represents the complete agreement concerning the subject 305 | matter hereof. If any provision of this License is held to be 306 | unenforceable, such provision shall be reformed only to the extent 307 | necessary to make it enforceable. Any law or regulation which provides that 308 | the language of a contract shall be construed against the drafter shall not 309 | be used to construe this License against a Contributor. 310 | 311 | 312 | 10. Versions of the License 313 | 314 | 10.1. New Versions 315 | 316 | Mozilla Foundation is the license steward. Except as provided in Section 317 | 10.3, no one other than the license steward has the right to modify or 318 | publish new versions of this License. Each version will be given a 319 | distinguishing version number. 320 | 321 | 10.2. Effect of New Versions 322 | 323 | You may distribute the Covered Software under the terms of the version 324 | of the License under which You originally received the Covered Software, 325 | or under the terms of any subsequent version published by the license 326 | steward. 327 | 328 | 10.3. Modified Versions 329 | 330 | If you create software not governed by this License, and you want to 331 | create a new license for such software, you may create and use a 332 | modified version of this License if you rename the license and remove 333 | any references to the name of the license steward (except to note that 334 | such modified license differs from this License). 335 | 336 | 10.4. Distributing Source Code Form that is Incompatible With Secondary 337 | Licenses If You choose to distribute Source Code Form that is 338 | Incompatible With Secondary Licenses under the terms of this version of 339 | the License, the notice described in Exhibit B of this License must be 340 | attached. 341 | 342 | Exhibit A - Source Code Form License Notice 343 | 344 | This Source Code Form is subject to the 345 | terms of the Mozilla Public License, v. 346 | 2.0. If a copy of the MPL was not 347 | distributed with this file, You can 348 | obtain one at 349 | http://mozilla.org/MPL/2.0/. 350 | 351 | If it is not possible or desirable to put the notice in a particular file, 352 | then You may include the notice in a location (such as a LICENSE file in a 353 | relevant directory) where a recipient would be likely to look for such a 354 | notice. 355 | 356 | You may add additional accurate notices of copyright ownership. 357 | 358 | Exhibit B - "Incompatible With Secondary Licenses" Notice 359 | 360 | This Source Code Form is "Incompatible 361 | With Secondary Licenses", as defined by 362 | the Mozilla Public License, v. 2.0. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Extensions 2 | ========== 3 | 4 | Contains function and feature extensions for JumpCloud, including automated user import, CSV import, and others. 5 | 6 | The following scripts are designed to be run via JumpCloud, to make it easy to distribute them across servers, and get results into a central location: 7 | 8 | JC_UserImport.sh - a bash script that allows you to automatically and quickly import all your existing Linux users into JumpCloud, eliminate user accounts that should no longer exist on servers, and get all your user accounts into a central repository for easy management going forward. 9 | 10 | The following scripts are designed to be run from any Linux host: 11 | 12 | JC_CSVUserImport.sh - a bash script that imports JumpCloud system user accounts from a CSV file. It accepts a file containing either login and email, or just email (in which case the login will be taken from the email user name). 13 | 14 | JC_CommandTriggerExample.sh - an example script that shows how to call a JumpCloud Command via a webhook 15 | 16 | JC_RunCommandExample.sh - an example script that show how to call a JumpCloud Command via the normal REST API, to allow Command Runner users to run commands via the API 17 | 18 | JC_CheckAgentPorts.sh - a script that verifies outbound connectivity from a Linux host for proper agent installation and operation 19 | -------------------------------------------------------------------------------- /RenameMacUserNameAndHomeDirectory.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # 4 | # Script to rename the user name of a user on OS X 5 | # 6 | # The script updates the users record name and home directory 7 | # name from an old name to a new one. 8 | # 9 | # NOTE: MUST BE RUN AS ROOT! 10 | # 11 | abort() { 12 | errString=${*} 13 | echo "$errString" 14 | exit 1 15 | } 16 | 17 | if [[ ${#} -ne 2 ]] 18 | then 19 | echo "Usage: $0 oldUserName newUserName" 20 | exit 1 21 | fi 22 | 23 | oldUser=$1 24 | newUser=$2 25 | 26 | if [[ -z "${newUser}" ]] 27 | then 28 | abort "New user name must not be empty!" 29 | fi 30 | 31 | origHomeDir=`dscl . -read /Users/${oldUser} NFSHomeDirectory | awk '{print $2}' -` 32 | 33 | if [[ -z "${origHomeDir}" ]] 34 | then 35 | abort "Cannot obtain the original home directory name, is the oldUserName correct?" 36 | fi 37 | 38 | dscl . -change /Users/${oldUser} NFSHomeDirectory /Users/${oldUser} /Users/${newUser} 39 | err=$? 40 | if [ ${err} -ne 0 ] 41 | then 42 | abort "Could not rename the user's home directory pointer, aborting further changes! - err=${err}" 43 | fi 44 | 45 | mv /Users/${oldUser} /Users/${newUser} 46 | err=$? 47 | if [[ ${err} -ne 0 ]] 48 | then 49 | abort "Could not rename the user's home directory in /Users - the user may not be able to login unless you correct dscl to point back to /Users/${oldUser}" 50 | fi 51 | 52 | dscl . -change /Users/${oldUser} RecordName ${oldUser} ${newUser} 53 | err=$? 54 | if [[ ${err} -ne 0 ]] 55 | then 56 | abort "Could not rename the user's RecordName in dscl - the user should still be able to login, but with user name ${oldUser}, however, their home directory will be pointed to /Users/${newUser}" 57 | fi 58 | 59 | echo "SUCCESS: ${oldUser} --> ${newUser}" 60 | 61 | exit 0 62 | --------------------------------------------------------------------------------