├── .gitignore ├── ClassicAPI ├── README.md ├── applicationUsageAPI.sh ├── createNetworkSegmentsAPI.sh ├── deleteClassesBySiteAPI.sh ├── deleteComputersAPI.sh ├── deleteMobileDevicesAPI.sh ├── deleteNASourceClassesAPI.sh ├── deleteUsersAPI.sh ├── departmentsAPI.sh ├── directoryReportingAPI.sh ├── diskReportingAPI.sh ├── getPolicyStatus.sh ├── getScopedAppsListAPI.sh ├── getiPadBySerialAPI.sh ├── iOSAppInstallMethodsAPI.sh ├── macStaticGroupAPI.sh ├── mobileStaticGroupAPI.sh ├── modifyClassesByGroupAPI.sh ├── printersAPI.sh ├── smartToStaticConverter.sh ├── updateComputerPurchasingAPI.sh ├── updateMobilePurchasingAPI.sh ├── usersWithComputers.sh ├── usersWithoutAssignmentsAPI.sh └── vppAccountReport.sh ├── ExtensionAttributes ├── README.md ├── bootstrapTokenAllowedForAuthentication.sh ├── detectConfigProfile.sh ├── detectMacModel.sh ├── hasEscrowedBootstrapToken.sh ├── reportAppUpdateSettings.sh ├── rootUserStatus.sh └── verifyMDM.sh ├── JamfProAPI ├── README.md ├── createBuildingsFromFile.sh ├── createDepartmentsFromFile.sh ├── iMatthewCM Python Library │ ├── README.md │ ├── Release Notes.md │ ├── demo.py │ └── iMatthewCM.py └── tokenGenerator.sh ├── LICENSE ├── README.md ├── Resources ├── EFIgy.pkg └── README.md ├── Snippets ├── CurrentlyLoggedInUser.sh └── README.md ├── Workflows ├── Install Python 3 on Mac.sh ├── Verifying macOS Firmware with EFIgy.pdf └── Warranty Reporting.pdf └── macOS ├── README.md ├── addManagementAccountFV2.sh ├── configureAppUpdate.sh ├── disableMenubarWifi.sh ├── displayNotification.sh ├── enableManagementAndLocalFV2.sh ├── getWarrantyInformation.sh ├── lockDock.sh ├── macOSCreateAdminUser.sh ├── secureTokenUsers.sh ├── setComputerNameToSerial.sh ├── setupCasperShareUsers.sh ├── trimComputerName.sh ├── unlockDock.sh └── validateFirmware.sh /.gitignore: -------------------------------------------------------------------------------- 1 | # OS generated files # 2 | ###################### 3 | .DS_Store 4 | .DS_Store? 5 | ._* 6 | .Spotlight-V100 7 | .Trashes 8 | ehthumbs.db 9 | Thumbs.db 10 | 11 | HoldingArea 12 | **/__pycache__ 13 | -------------------------------------------------------------------------------- /ClassicAPI/README.md: -------------------------------------------------------------------------------- 1 | ## Jamf API Scripts 2 | 3 | These Scripts all utilize Jamf’s REST API to do something useful in the JSS. You always need to enter your JSS URL and Administrative Credentials. Some Scripts additionall require a CSV or other input. 4 | 5 | #### DepartmentsAPI.sh 6 | 7 | **Purpose:** Use this Script to make a bunch of Departments all at once. You just need to feed in a .txt file containing each Department name to add. Put each Department name on a new line. 8 | 9 | #### GetiPadBySerialAPI.sh 10 | 11 | **Purpose:** Get *all* Inventory information for a single iPad by entering its Serial Number. This is returned as XML. Sometimes useful for troubleshooting potentially incorrect Inventory Display (when Tomcat is displaying one thing, but MySQL says differently) 12 | 13 | #### DeleteComputersAPI.sh 14 | 15 | **Dangerous Purpose:** This is a small atomic bomb you can run to delete a handful of computers out of your JSS. You need a CSV with the JSS ID for each computer you want to delete. This is probably a bad idea to run, but sometimes it’s necessary. Use with caution. -------------------------------------------------------------------------------- /ClassicAPI/applicationUsageAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # applicationUsageAPI.sh - Collects Application Usage data for all computers for a specific App 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will query each managed computer in a Jamf Pro server and get the total usage 21 | # time, in minutes, for a specific application. A CSV will be written out to /tmp with the output 22 | # 23 | # REQUIREMENTS 24 | # 25 | # - Edit lines 45, 48, and 53 to reflect login credentials and a Jamf Pro URL 26 | # - The account used to authenticate only needs READ privileges on Computer objects 27 | # 28 | #################################################################################################### 29 | # 30 | # HISTORY 31 | # 32 | # Version: 1.0 33 | # 34 | # Release Notes: 35 | # - Initial release 36 | # 37 | # - Created by Matthew Mitchell on June 5, 2018 38 | # 39 | #################################################################################################### 40 | # 41 | # DEFINE VARIABLES & READ IN PARAMETERS 42 | # 43 | #################################################################################################### 44 | 45 | #Username for Jamf Pro account 46 | jssUser=username 47 | 48 | #Password for Jamf Pro account 49 | jssPass=password 50 | 51 | #Jamf Pro URL 52 | #On-Prem Example: https://myjss.com:8443 53 | #Jamf Cloud Example: https://myjss.jamfcloud.com 54 | jssURL=https://myjss.jamfcloud.com 55 | 56 | #################################################################################################### 57 | # 58 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 59 | # 60 | #################################################################################################### 61 | 62 | ##################################################### 63 | # Get user input for app name and date range 64 | ##################################################### 65 | 66 | #Prompt for the app name 67 | echo "What is the name of the application to collect Usage data for?" 68 | echo "Make sure to include spaces and the extension, exactly as it would appear in Jamf Pro!" 69 | echo "Example: Microsoft Outlook.app" 70 | read appToCheck 71 | echo "" 72 | 73 | #Prompt for the starting date 74 | echo "This script will collect Usage data for $appToCheck within a date range." 75 | echo "What is the date to start the range?" 76 | echo "Format: YYYY-MM-DD" 77 | echo "Example: 2018-01-01" 78 | read startingDate 79 | echo "" 80 | 81 | #Prompt for the ending date 82 | echo "What is the date to end the range?" 83 | read endingDate 84 | echo "" 85 | 86 | #Concatenate them together to make the date range for the API 87 | dateRange=$startingDate"_"$endingDate 88 | 89 | ##################################################### 90 | # Get the output file set up 91 | ##################################################### 92 | 93 | #Rip off the .app from the app name 94 | fileName=$(echo $appToCheck | cut -d '.' -f1 | sed s/' '/'_'/g) 95 | 96 | #Get the epoch time this report was run 97 | epoch=$(date +%s) 98 | 99 | #Appened _Usage_Report.csv 100 | fileName=$fileName"_Usage_Report_"$epoch".csv" 101 | 102 | #Initialize the variable 103 | outputFile=/tmp/$fileName 104 | 105 | #Create the column headers 106 | echo "Computer Name, Serial Number, macOS Version, Application Usage (Minutes)" >> $outputFile 107 | 108 | #Inform the admin about the file name 109 | echo "$fileName will be placed in /tmp when this script is finished" 110 | echo "$epoch, reflected in the file name, is the epoch time that this report ran" 111 | echo "" 112 | 113 | #Begin 114 | echo "Working..." 115 | echo "" 116 | 117 | ##################################################### 118 | # Get all Computers 119 | ##################################################### 120 | 121 | #API call to get all Computer IDs 122 | allComputerIDs=$(curl -H "Accept: application/xml" "$jssURL/JSSResource/computers" -ksu $jssUser:$jssPass | xpath //computers/computer/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 123 | 124 | #Read them into an array 125 | IFS=',' read -r -a ids <<< "$allComputerIDs" 126 | 127 | #Get the length 128 | idlength=${#ids[@]} 129 | 130 | ##################################################### 131 | # Gather the Usage logs for all Computers 132 | ##################################################### 133 | 134 | #Loop through the array of computer IDs 135 | for ((i=0; i<$idlength; i++)); 136 | do 137 | 138 | ##################################################### 139 | # Get information on this particular computer 140 | ##################################################### 141 | 142 | #Get the entire inventory record for this computer ID 143 | computerData=$(curl -H "Accept: application/xml" "$jssURL/JSSResource/computers/id/${ids[$i]}" -ksu $jssUser:$jssPass) 144 | 145 | #Get the Computer Name 146 | computerName=$(echo $computerData | xpath //computer/general/name 2> /dev/null | sed s/''//g | sed s/'<\/name>'//g) 147 | 148 | #Get the Serial Number 149 | serialNumber=$(echo $computerData | xpath //computer/general/serial_number 2> /dev/null | sed s/''//g | sed s/'<\/serial_number>'//g) 150 | 151 | #Get the macOS version 152 | macOSVersion=$(echo $computerData | xpath //computer/hardware/os_version 2> /dev/null | sed s/''//g | sed s/'<\/os_version>'//g) 153 | 154 | ##################################################### 155 | # Collect Usage data 156 | ##################################################### 157 | 158 | #Get the entire application usage output for this computer ID for the date range previously specified 159 | usageData=$(curl -H "Accept: application/xml" "$jssURL/JSSResource/computerapplicationusage/id/${ids[$i]}/$dateRange" -ksu $jssUser:$jssPass) 160 | 161 | #Get all Application names that are present in this date range 162 | applicationNames=$(echo $usageData | xpath //computer_application_usage/usage/apps/app/name 2> /dev/null | sed s/''//g | sed s/'<\/name>'/','/g | sed 's/.$//') 163 | 164 | #Read them into an array 165 | IFS=',' read -r -a appNames <<< "$applicationNames" 166 | 167 | #Get the length 168 | #No need to get this for the next array since they'll be the same 169 | appNamesLength=${#appNames[@]} 170 | 171 | #Get all the Foreground time for each application present in this date range 172 | applicationForeground=$(echo $usageData | xpath //computer_application_usage/usage/apps/app/foreground 2> /dev/null | sed s/''//g | sed s/'<\/foreground>'/','/g | sed 's/.$//') 173 | 174 | #Read them into an array 175 | IFS=',' read -r -a appForegrounds <<< "$applicationForeground" 176 | 177 | ##################################################### 178 | # Process Usage data for specific application 179 | ##################################################### 180 | 181 | #Initalize the variable to 0 so we can add as we go 182 | openTime=0 183 | 184 | #Hooray for nested For loops! 185 | for ((j=0; j<$appNamesLength; j++)); 186 | do 187 | #If the app at the current index is the app we're trying to collect data for 188 | if [ "${appNames[$j]}" == "$appToCheck" ]; then 189 | 190 | #Grab the time it has spent in the foreground and add it to the openTime variable 191 | openTime=$(($openTime + ${appForegrounds[$j]})) 192 | 193 | fi 194 | done 195 | 196 | #We've collected all of the Usage information for the application for this computer 197 | #Write it out to the file and move on to the next Computer ID 198 | echo "$computerName,$serialNumber,$macOSVersion,$openTime" >> $outputFile 199 | 200 | done 201 | 202 | #All done, inform the admin 203 | echo "Done. Once again, $fileName has been placed in /tmp with the Usage data results." 204 | -------------------------------------------------------------------------------- /ClassicAPI/createNetworkSegmentsAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # createNetworkSegmentsAPI.sh - Creates Network Segments based off of a CSV 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will read in a CSV file and create a new Network Segment in the JSS according to what 21 | # is on each line of the CSV 22 | # 23 | # REQUIREMENTS 24 | # 25 | # The CSV should have the following on the first line: 26 | # name,starting_address,ending_address,distribution_point,building,department,override_buildings,override_departments 27 | # 28 | # The CSV can then be built up from there using those column headers as indicators of what information should go in the field 29 | # 30 | # For best results, ensure that any Buildings or Departments listed in the CSV already exist in the JSS. 31 | # Capitalization for Buildings & Departments does not matter. 32 | # Capitalization for distribution_point DOES matter (To point at JCDS, use Cloud Distribution Point 33 | # Capitalization for override_buildings and override_departments DOES matter, use true or false 34 | # 35 | #################################################################################################### 36 | # 37 | # HISTORY 38 | # 39 | # Version: 1.0 40 | # 41 | # Release Notes: 42 | # - Initial release 43 | # 44 | # - Created by Matthew Mitchell on October 31, 2017 45 | # 46 | #################################################################################################### 47 | # 48 | # DEFINE VARIABLES & READ IN PARAMETERS 49 | # 50 | #################################################################################################### 51 | 52 | #If something is going strangely, set this to "true" for additional debugging 53 | debug="false" 54 | 55 | #################################################################################################### 56 | # 57 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 58 | # 59 | #################################################################################################### 60 | 61 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 62 | echo "Please enter your JSS URL" 63 | echo "On-Prem Example: https://myjss.com:8443" 64 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 65 | read jssURL 66 | echo "" 67 | 68 | #Trim the trailing slash off if necessary 69 | if [ $(echo "${jssURL: -1}") == "/" ]; then 70 | jssURL=$(echo $jssURL | sed 's/.$//') 71 | fi 72 | 73 | #Login Credentials 74 | echo "Please enter an Adminstrator's username for the JSS:" 75 | read jssUser 76 | echo "" 77 | 78 | echo "Please enter the password for $jssUser's account:" 79 | read -s jssPass 80 | echo "" 81 | 82 | echo "Please drag and drop your CSV file into this window and hit ENTER" 83 | read segmentFile 84 | 85 | #Read CSV into array 86 | IFS=$'\n' read -d '' -r -a segmentsToAdd < $segmentFile 87 | 88 | length=${#segmentsToAdd[@]} 89 | 90 | #Starting with i=1 so we skip the header line, which is index 0 91 | for ((i=1; i<$length; i++)); 92 | do 93 | 94 | segmentName=$(echo ${segmentsToAdd[$i]} | cut -d ',' -f1) 95 | startingIP=$(echo ${segmentsToAdd[$i]} | cut -d ',' -f2) 96 | endingIP=$(echo ${segmentsToAdd[$i]} | cut -d ',' -f3) 97 | distroPoint=$(echo ${segmentsToAdd[$i]} | cut -d ',' -f4) 98 | building=$(echo ${segmentsToAdd[$i]} | cut -d ',' -f5) 99 | department=$(echo ${segmentsToAdd[$i]} | cut -d ',' -f6) 100 | overrideBuildings=$(echo ${segmentsToAdd[$i]} | cut -d ',' -f7) 101 | overrideDeparments=$(echo ${segmentsToAdd[$i]} | cut -d ',' -f8) 102 | 103 | if [ "$debug" == "true" ]; then 104 | 105 | echo "" 106 | echo "Segment Name: $segmentName" 107 | echo "Starting IP: $startingIP" 108 | echo "Ending IP: $endingIP" 109 | echo "Distro Point: $distroPoint" 110 | echo "Building: $building" 111 | echo "Department: $department" 112 | echo "Override Building: $overrideBuildings" 113 | echo "Override Departments: $overrideDeparments" 114 | echo "------------------------------------" 115 | 116 | fi 117 | 118 | curl -H "Content-Type: text/xml" -d "$segmentName$startingIP$endingIP$distroPoint$building$department$overrideBuildings$overrideDeparments" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/networksegments/id/0" -X POST 119 | 120 | done 121 | -------------------------------------------------------------------------------- /ClassicAPI/deleteClassesBySiteAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # deleteClassesBySiteAPI.sh - Deletes all classes associated with a specified site 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will delete all classes in the JSS associated with a specific site 21 | # 22 | # REQUIREMENTS 23 | # 24 | # -Administrative credentials for the JSS 25 | # -The name of the Site that we will delete all classes from 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.0 32 | # 33 | # Release Notes: 34 | # - Initial release 35 | # 36 | # - Created by Matthew Mitchell on August 9, 2017 37 | # 38 | #################################################################################################### 39 | # 40 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 41 | # 42 | #################################################################################################### 43 | 44 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 45 | echo "Please enter your JSS URL" 46 | echo "On-Prem Example: https://myjss.com:8443" 47 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 48 | echo "Do NOT use a trailing / !!" 49 | read jssURL 50 | echo "" 51 | 52 | #Login Credentials 53 | echo "Please enter an Adminstrator's username for the JSS:" 54 | read jssUser 55 | echo "" 56 | 57 | echo "Please enter the password for $jssUser's account:" 58 | read -s jssPass 59 | echo "" 60 | 61 | #Site Name 62 | echo "Please enter the name of the site to delete ALL classes from:" 63 | read siteName 64 | echo "" 65 | 66 | echo "Deleting all classes from $siteName..." 67 | echo "" 68 | 69 | #Location of the Classes API 70 | resourceURL="/JSSResource/classes" 71 | 72 | #Get a all of the IDs we need to delete 73 | ids=$(curl -H "Content-Type: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL$resourceURL" -X GET | xpath //classes/class/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g) 74 | 75 | #Make that into an array 76 | IFS=', ' read -r -a allIDs <<< $ids 77 | 78 | length=${#allIDs[@]} 79 | #Loop through lines 80 | for ((i=0; i<$length;i++)); 81 | do 82 | #Get the ID of the class we're looking at 83 | currentID=$(echo ${allIDs[$i]}) 84 | 85 | #Get the name of the site assigned to the class 86 | site=$(curl -H "Content-Type: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL$resourceURL/id/$currentID" -X GET | xpath //class/site/name 2> /dev/null | sed s/''//g | sed s/'<\/name>'/''/g) 87 | 88 | #If the site name is the same as what was entered by the user, delete it 89 | if [ "$site" == "$siteName" ]; then 90 | curl -ksu "$jssUser":"$jssPass" "$jssURL$resourceURL/id/$currentID" -X DELETE 91 | fi 92 | 93 | done 94 | 95 | echo "" 96 | echo "Done" -------------------------------------------------------------------------------- /ClassicAPI/deleteComputersAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # deleteComputersAPI.sh - Deletes Computers from the JSS based on ID 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script reads in a CSV file containing Computer IDs, then deletes each Computer ID from the JSS. Yikes. 21 | # 22 | # REQUIREMENTS 23 | # 24 | # A CSV file containing the IDs to delete. Each ID should be on a new line. 25 | # 26 | #################################################################################################### 27 | # 28 | # HISTORY 29 | # 30 | # Version: 1.2 31 | # 32 | # Release Notes: 33 | # - Optimized API calls 34 | # 35 | # - Created by Matthew Mitchell on June 12, 2017 36 | # - Updated by Matthew Mitchell on July 10, 2017 v1.1 37 | # - Updated by Matthew Mitchell on June 7, 2018 v1.2 38 | # 39 | #################################################################################################### 40 | # 41 | # DEFINE VARIABLES & READ IN PARAMETERS 42 | # 43 | #################################################################################################### 44 | 45 | echo "-------------------------" 46 | echo "WARNING: This is a dangerous script to run, as it will try and delete whatever you pass it." 47 | echo "Please make sure you have a MySQL database backup you're OK rolling back to if something goes wrong." 48 | echo "-------------------------" 49 | echo "" 50 | 51 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 52 | echo "Please enter your JSS URL" 53 | echo "On-Prem Example: https://myjss.com:8443" 54 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 55 | echo "Do NOT use a trailing / !!" 56 | read jssURL 57 | echo "" 58 | 59 | #Login Credentials 60 | echo "Please enter an Adminstrator's username for the JSS:" 61 | read jssUser 62 | echo "" 63 | 64 | echo "Please enter the password for your Admin account:" 65 | read -s jssPass 66 | echo "" 67 | 68 | #CSV file path for devices list - JSS ID numbers only 69 | echo "Please drag and drop csv into this window and hit enter" 70 | read deviceList 71 | echo "" 72 | 73 | #################################################################################################### 74 | # 75 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 76 | # 77 | #################################################################################################### 78 | 79 | #Read CSV into array 80 | IFS=$'\n' read -d '' -r -a deviceIDs < $deviceList 81 | 82 | length=${#deviceIDs[@]} 83 | 84 | #Do all the things 85 | for ((i=0; i<$length;i++)); 86 | 87 | do 88 | id=$(echo ${deviceIDs[i]} | sed 's/,//g' | sed 's/ //g'| tr -d '\r\n') 89 | curl -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/computers/id/$id" -X DELETE 90 | done -------------------------------------------------------------------------------- /ClassicAPI/deleteMobileDevicesAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # deleteMobileDevicesAPI.sh - Deletes Mobile Devices from the JSS based on Serial Number 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script reads in a CSV file containing Mobile Device Serial Numbers, then deletes each of those devices from the JSS. Yikes. 21 | # 22 | # REQUIREMENTS 23 | # 24 | # A CSV file containing the Serial Numbers to delete. Each Serial Number should be on a new line. 25 | # 26 | #################################################################################################### 27 | # 28 | # HISTORY 29 | # 30 | # Version: 1.0 31 | # 32 | # Release Notes: 33 | # - Initial release 34 | # 35 | # - Created by Matthew Mitchell on March 6, 2018 36 | # 37 | #################################################################################################### 38 | # 39 | # DEFINE VARIABLES & READ IN PARAMETERS 40 | # 41 | #################################################################################################### 42 | 43 | echo "-------------------------" 44 | echo "WARNING: This is a dangerous script to run, as it will try and delete whatever you pass it," 45 | echo "so make sure that your CSV does not contain any serial numbers for devices you do not want to delete." 46 | echo "Please make sure you have a MySQL database backup you're OK rolling back to if something goes wrong." 47 | echo "-------------------------" 48 | echo "" 49 | 50 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 51 | echo "Please enter your JSS URL" 52 | echo "On-Prem Example: https://myjss.com:8443" 53 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 54 | read jssURL 55 | echo "" 56 | 57 | #Trim the trailing slash off if necessary 58 | if [ $(echo "${jssURL: -1}") == "/" ]; then 59 | jssURL=$(echo $jssURL | sed 's/.$//') 60 | fi 61 | 62 | #Login Credentials 63 | echo "Please enter an Adminstrator's username for the JSS:" 64 | read jssUser 65 | echo "" 66 | 67 | echo "Please enter the password for $jssUser's account:" 68 | read -s jssPass 69 | echo "" 70 | 71 | #CSV file path for devices list - Serial Numbers only 72 | echo "Please drag and drop csv into this window and hit enter" 73 | read deviceList 74 | echo "" 75 | 76 | #################################################################################################### 77 | # 78 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 79 | # 80 | #################################################################################################### 81 | 82 | #Read CSV into array 83 | IFS=$'\n' read -d '' -r -a deviceSNs < $deviceList 84 | 85 | length=${#deviceSNs[@]} 86 | 87 | #Do all the things 88 | for ((i=0; i<$length;i++)); 89 | 90 | do 91 | serial=$(echo ${deviceSNs[i]} | sed 's/,//g' | sed 's/ //g'| tr -d '\r\n') 92 | curl -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/mobiledevices/serialnumber/$serial" -X DELETE 93 | done -------------------------------------------------------------------------------- /ClassicAPI/deleteNASourceClassesAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # deleteNASourceClassesAPI.sh - Deletes all classes that have a Source of N/A 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script parses through every class in a Jamf Pro Server and deletes any classes it finds 21 | # with a Source of N/A 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script needs a Jamf Pro account with, at minimum, DELETE privileges on Classes objects 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.1 32 | # 33 | # Release Notes: 34 | # - Update xpath expressions to run through xmllint 35 | # 36 | # - Created by Matthew Mitchell on September 13, 2018 37 | # - Updated by Matthew Mitchell on September 14, 2022 38 | # 39 | #################################################################################################### 40 | # 41 | # DEFINE VARIABLES & READ IN PARAMETERS 42 | # 43 | #################################################################################################### 44 | 45 | #It's OK to leave these variables empty! The script will prompt for any empty fields. 46 | 47 | #Do NOT use a trailing / character! 48 | #Include ports as necessary 49 | jamfProURL="" 50 | 51 | #Jamf Pro User Account Username 52 | jamfProUSER="" 53 | 54 | #Jamf Pro User Account Password 55 | jamfProPASS="" 56 | 57 | if [[ "$jamfProURL" == "" ]]; then 58 | echo "Please enter your Jamf Pro URL" 59 | echo "Do not include a trailing /" 60 | echo "Example: https://myjss.jamfcloud.com" 61 | read jamfProURL 62 | echo "" 63 | fi 64 | 65 | if [[ "$jamfProUSER" == "" ]]; then 66 | echo "Please enter your Jamf Pro username" 67 | read jamfProUSER 68 | echo "" 69 | fi 70 | 71 | if [[ "$jamfProPASS" == "" ]]; then 72 | echo "Please enter the password for $jamfProUSER's account" 73 | read -s jamfProPASS 74 | echo "" 75 | fi 76 | 77 | 78 | #################################################################################################### 79 | # 80 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 81 | # 82 | #################################################################################################### 83 | 84 | resourceURL=/JSSResource/classes 85 | 86 | echo "Working...please wait" 87 | echo "" 88 | 89 | #Get a all of the IDs we need to delete 90 | ids=$(curl -H "accept: text/xml" -su "$jamfProUSER":"$jamfProPASS" "$jamfProURL$resourceURL" -X GET | xmllint --xpath //classes/class/id - 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g) 91 | 92 | #Make that into an array 93 | IFS=', ' read -r -a allIDs <<< $ids 94 | 95 | #Get the length of the array 96 | length=${#allIDs[@]} 97 | 98 | #Initialize the string we'll use to mass-delete later 99 | idsToDelete="{" 100 | 101 | #Loop through the array 102 | for ((i=0; i<$length;i++)); 103 | do 104 | #Get the ID of the class we're looking at 105 | currentID=$(echo ${allIDs[$i]}) 106 | 107 | #Get the value of the Source of the class 108 | sourceValue=$(curl -H "accept: text/xml" -su "$jamfProUSER":"$jamfProPASS" "$jamfProURL$resourceURL/id/$currentID" -X GET | xmllint --xpath //class/source - 2> /dev/null | sed s/''//g | sed s/'<\/source>'/''/g) 109 | 110 | #If the Source is N/A... 111 | if [ "$sourceValue" == "N/A" ]; then 112 | #Add the ID to our string 113 | idsToDelete+="$currentID," 114 | #Inform the user 115 | echo "ID $currentID will be deleted" 116 | fi 117 | 118 | done 119 | 120 | #Get rid of the last character (will always be a comma) of idsToDelete 121 | idsToDelete=$(echo $idsToDelete | sed 's/.$//') 122 | 123 | #Add the closing curly brace 124 | idsToDelete+="}" 125 | 126 | #Tell the user we're starting the deletion process 127 | echo "" 128 | echo "Deleting Source N/A classes..." 129 | echo "" 130 | 131 | #Delete all of the things 132 | curl -su "$jamfProUSER":"$jamfProPASS" "$jamfProURL$resourceURL/id/$idsToDelete" -X DELETE 133 | 134 | echo "Done" -------------------------------------------------------------------------------- /ClassicAPI/deleteUsersAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # deleteUsersAPI.sh - Deletes Users from the JSS based on username 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script reads in a CSV file containing only usernames, then deletes each of those Users from the JSS. Yikes. 21 | # 22 | # REQUIREMENTS 23 | # 24 | # A CSV file containing the usernames to delete. Each username should be on a new line. 25 | # 26 | #################################################################################################### 27 | # 28 | # HISTORY 29 | # 30 | # Version: 1.0 31 | # 32 | # Release Notes: 33 | # - Initial release 34 | # 35 | # - Created by Matthew Mitchell on March 7, 2018 36 | # 37 | #################################################################################################### 38 | # 39 | # DEFINE VARIABLES & READ IN PARAMETERS 40 | # 41 | #################################################################################################### 42 | 43 | echo "-------------------------" 44 | echo "WARNING: This is a dangerous script to run, as it will try and delete whatever you pass it," 45 | echo "so make sure that your CSV does not contain any usernames you do not want to delete." 46 | echo "Please make sure you have a MySQL database backup you're OK rolling back to if something goes wrong." 47 | echo "-------------------------" 48 | echo "" 49 | 50 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 51 | echo "Please enter your JSS URL" 52 | echo "On-Prem Example: https://myjss.com:8443" 53 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 54 | read jssURL 55 | echo "" 56 | 57 | #Trim the trailing slash off if necessary 58 | if [ $(echo "${jssURL: -1}") == "/" ]; then 59 | jssURL=$(echo $jssURL | sed 's/.$//') 60 | fi 61 | 62 | #Login Credentials 63 | echo "Please enter an Adminstrator's username for the JSS:" 64 | read jssUser 65 | echo "" 66 | 67 | echo "Please enter the password for $jssUser's account:" 68 | read -s jssPass 69 | echo "" 70 | 71 | #CSV file path for devices list - Serial Numbers only 72 | echo "Please drag and drop csv into this window and hit enter" 73 | read userList 74 | echo "" 75 | 76 | #################################################################################################### 77 | # 78 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 79 | # 80 | #################################################################################################### 81 | 82 | #Read CSV into array 83 | IFS=$'\n' read -d '' -r -a users < $userList 84 | 85 | length=${#users[@]} 86 | 87 | #Do all the things 88 | for ((i=0; i<$length;i++)); 89 | 90 | do 91 | username=$(echo ${users[i]} | sed 's/,//g' | tr -d '\r\n') 92 | curl -kvu "$jssUser":"$jssPass" "$jssURL/JSSResource/users/name/$username" -X DELETE 93 | done -------------------------------------------------------------------------------- /ClassicAPI/departmentsAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # departmentsAPI.sh - Adds Departments to JSS via REST API 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script reads in a .txt file with Departments, then creates a Curl command for each 21 | # in order to add it to the JSS. It will automatically use the next available ID. 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script requires a .txt file with a list of Department names. Each name must be on a 26 | # new line. 27 | # 28 | # Example: 29 | # 30 | # Department of Mysteries 31 | # Auror Headquarters 32 | # International Magical Trading Standards Body 33 | # 34 | # 35 | #################################################################################################### 36 | # 37 | # HISTORY 38 | # 39 | # Version: 1.4 40 | # 41 | # Release Notes: 42 | # - Style Guide Compatibility 43 | # 44 | # - Created by Matthew Mitchell on December 8, 2016 45 | # - Updated by Matthew Mitchell on March 13, 2017 v1.3 46 | # - Updated by Matthew Mitchell on July 10, 2017 v1.4 47 | # 48 | #################################################################################################### 49 | # 50 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 51 | # 52 | #################################################################################################### 53 | 54 | echo "Please enter your JSS URL" 55 | echo "On-Prem Example: https://myjss.com:8443" 56 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 57 | echo "Do NOT use a trailing / !!" 58 | read jssURL 59 | 60 | echo "Please enter Admin credentials the JSS:" 61 | read jssUser 62 | 63 | echo "Please enter the password for your Admin account:" 64 | read -s jssPass 65 | 66 | echo "Please drag the .txt file with your Departments to add into this window" 67 | read filePath 68 | 69 | #Location of the Department API - you can get this from https://YOUR_JSS_URL/api, clicking on a command, "Try it out," and reference "Request URL" 70 | resourceURL="/JSSResource/departments/id/" 71 | 72 | #Department name we want to appear in the JSS. This variable will continually be rewritten once we get to the FOR loop 73 | deptName="" 74 | 75 | #Using 0 will use the next available ID. This is useful for creating NEW things, since you don't have to worry about overwriting something else 76 | deptID=0 77 | 78 | #Read in the file 79 | IFS=$'\n' read -d '' -r -a lines < $filePath 80 | 81 | 82 | #Get how many times we're looping based on length of array 83 | length=${#lines[@]} 84 | #Loop through lines 85 | for ((i=0; i<$length;i++)); 86 | do 87 | #Get the contents of the line, and cut it off when we get to a < 88 | deptName=`echo ${lines[$i]} | cut -d '<' -f1` 89 | #If the string isn't empty 90 | if [ -n "$deptName" ]; then 91 | #POST it 92 | #This is the bread and butter of the API - the curl command. 93 | #In this case you'll see some XML after the -d, which is the portion of XML that the JSS needs to insert the names properly. 94 | #You can see the XML structure by running a GET on whatever resource you're looking at 95 | #The -kvu is just good practice, might as well throw that on all of your statements 96 | #Then there's the user and password, then the full URL to the API resource, and then the POST command 97 | curl -H "Content-Type: application/xml" -d "$deptName" -ksu "$jssUser":"$jssPass" "$jssURL$resourceURL$deptID" -X POST 98 | fi 99 | done -------------------------------------------------------------------------------- /ClassicAPI/directoryReportingAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # directoryReportingAPI.sh - Get a list of all local usernames and their associated home directory 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will gather all Computer IDs, then query each ID via the REST API to obtain their 21 | # full inventory record from Jamf Pro. Serial Number, Computer Name, Local User Accounts, and Home 22 | # Directory paths will be extracted from that record and written to a CSV 23 | # 24 | # REQUIREMENTS 25 | # 26 | # Minimum of READ credentials on Computer objects in Jamf Pro 27 | # 28 | #################################################################################################### 29 | # 30 | # HISTORY 31 | # 32 | # Version: 1.0 33 | # 34 | # Release Notes: 35 | # - Initial release 36 | # 37 | # - Created by Matthew Mitchell on March 12, 2018 38 | # 39 | #################################################################################################### 40 | # 41 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 42 | # 43 | #################################################################################################### 44 | 45 | ##################################################### 46 | # Credentials 47 | ##################################################### 48 | 49 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 50 | echo "Please enter your JSS URL" 51 | echo "On-Prem Example: https://myjss.com:8443" 52 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 53 | read jssURL 54 | echo "" 55 | 56 | #Trim the trailing slash off if necessary 57 | if [ $(echo "${jssURL: -1}") == "/" ]; then 58 | jssURL=$(echo $jssURL | sed 's/.$//') 59 | fi 60 | 61 | #Login Credentials 62 | echo "Please enter an Adminstrator's username for the JSS:" 63 | read jssUser 64 | echo "" 65 | 66 | echo "Please enter the password for $jssUser's account:" 67 | read -s jssPass 68 | echo "" 69 | 70 | echo "Working..." 71 | echo "" 72 | 73 | ##################################################### 74 | # Initial data gathering 75 | ##################################################### 76 | 77 | #API call to get all Computer IDs 78 | allComputerIDs=$(curl -H "Accept: application/xml" "$jssURL/JSSResource/computers" -ksu $jssUser:$jssPass | xpath //computers/computer/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 79 | 80 | #Read them into an array 81 | IFS=',' read -r -a ids <<< "$allComputerIDs" 82 | 83 | #Get the length 84 | idlength=${#ids[@]} 85 | 86 | ##################################################### 87 | # Setting up the output file 88 | ##################################################### 89 | 90 | #Check if file exists. If it does, remove it, we'll remake a new one later 91 | if [ -f "$HOME/Desktop/directory_report.csv" ]; then 92 | rm $HOME/Desktop/directory_report.csv 93 | fi 94 | 95 | #Output file to write to 96 | outputFile="$HOME/Desktop/directory_report.csv" 97 | 98 | #Create the file 99 | touch $HOME/Desktop/directory_report.csv 100 | 101 | #Set up the first line of the file 102 | echo "Serial Number, Computer Name, Local Username, Home Directory" >> $outputFile 103 | 104 | ##################################################### 105 | # Get inventory information for each computer 106 | ##################################################### 107 | 108 | #Loop through all computer IDs 109 | for ((i=0; i<$idlength; i++)); 110 | do 111 | 112 | #Get the entire inventory record for the computer with current JSS ID 113 | computerData=$(curl -H "Accept: text/xml" -ksu $jssUser:$jssPass "$jssURL/JSSResource/computers/id/${ids[$i]}") 114 | 115 | #Get the Serial Number 116 | serialNumber=$(echo $computerData | xpath "//computer/general/serial_number" 2> /dev/null | sed s/''//g | sed s/'<\/serial_number>'//g) 117 | 118 | #Get the Computer Name 119 | computerName=$(echo $computerData | xpath "//computer/general/name" 2> /dev/null | sed s/''//g | sed s/'<\/name>'//g) 120 | 121 | #Get the Local Account Username(s) 122 | #A comma will be put in between each username 123 | username=$(echo $computerData | xpath "//computer/groups_accounts/local_accounts/user/name" 2> /dev/null | sed s/''//g | sed s/'<\/name>'/','/g | sed 's/.$//') 124 | 125 | #Read the username variable into an array 126 | IFS=',' read -r -a usernames <<< "$username" 127 | 128 | #Get length of array 129 | #Should wind up being the same size as the homeDirectory array 130 | usernamesLength=${#usernames[@]} 131 | 132 | #Get the Local Account Home Directory 133 | #A comma will be put in between multiple directories 134 | homeDirectory=$(echo $computerData | xpath "//computer/groups_accounts/local_accounts/user/home" 2> /dev/null | sed s/''//g | sed s/'<\/home>'/','/g | sed 's/.$//') 135 | 136 | #Read the homeDirectory variable into an array 137 | IFS=',' read -r -a homes <<< "$homeDirectory" 138 | 139 | #Loop through the usernames array 140 | for ((j=0; j<$usernamesLength; j++)); 141 | do 142 | #Write out the data for this username and home directory pair 143 | echo "$serialNumber,$computerName,${usernames[$j]},${homes[$j]}" >> $outputFile 144 | done 145 | done 146 | 147 | echo "Done. directory_report.csv has been placed on your Desktop." 148 | echo "If a single computer shows up multiple times, then that computer has multiple Local Accounts being reported in Inventory." -------------------------------------------------------------------------------- /ClassicAPI/diskReportingAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # diskReportingAPI.sh - Gets the Model and Capacity of all Disks in all Computers in the JSS 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will get each computer's name and serial number, and then the model and capacity 21 | # of each disk reported in the JSS Inventory, and write all of this out to disks.csv on the Desktop 22 | # 23 | # REQUIREMENTS 24 | # 25 | # Admin credentials for the JSS 26 | # This script must be run on a Mac, or modify the output file path to accommodate Linux 27 | # 28 | #################################################################################################### 29 | # 30 | # HISTORY 31 | # 32 | # Version: 1.0 33 | # 34 | # Release Notes: 35 | # - Initial release 36 | # 37 | # - Created by Matthew Mitchell on September 12, 2017 38 | # 39 | #################################################################################################### 40 | # 41 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 42 | # 43 | #################################################################################################### 44 | 45 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 46 | echo "Please enter your JSS URL" 47 | echo "On-Prem Example: https://myjss.com:8443" 48 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 49 | read jssURL 50 | echo "" 51 | 52 | #Trim the trailing slash off if necessary 53 | if [ $(echo "${jssURL: -1}") == "/" ]; then 54 | jssURL=$(echo $jssURL | sed 's/.$//') 55 | fi 56 | 57 | #Login Credentials 58 | echo "Please enter an Adminstrator's username for the JSS:" 59 | read jssUser 60 | echo "" 61 | 62 | echo "Please enter the password for $jssUser's account:" 63 | read -s jssPass 64 | echo "" 65 | 66 | echo "Working...depending on how many computers are enrolled, this may take awhile" 67 | 68 | #Output file to write to 69 | outfile="$HOME/Desktop/disks.csv" 70 | 71 | #Check if file exists. If it does, remove it, we'll remake a new one later 72 | if [ -f "$outfile" ]; then 73 | rm $outfile 74 | fi 75 | 76 | #Initialize the column headers in the file 77 | echo "Computer Name, Serial Number, Disk Model, Disk Capacity (MB)" >> $outfile 78 | 79 | #API call to get all Computer IDs 80 | allComputerIDs=$(curl -H "Accept: application/xml" "$jssURL/JSSResource/computers" -ksu $jssUser:$jssPass | xpath //computers/computer/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 81 | #Read them into an array 82 | IFS=',' read -r -a ids <<< "$allComputerIDs" 83 | #Get the length 84 | idlength=${#ids[@]} 85 | 86 | for ((i=0; i<$idlength; i++)); 87 | do 88 | #Reset all the variables so we don't accidentally concatenate data 89 | name="" 90 | serial="" 91 | model="" 92 | capacity="" 93 | models="" 94 | capacities="" 95 | 96 | currentID=$(echo ${ids[$i]}) 97 | 98 | #API Call to get the Device Name 99 | name=$(curl -H "Accept: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/computers/id/$currentID" -X GET | xpath //computer/general/name 2> /dev/null | sed s/''//g | sed s/'<\/name>'//g) 100 | 101 | #API Call to get the Device Serial 102 | serial=$(curl -H "Accept: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/computers/id/$currentID" -X GET | xpath //computer/general/serial_number 2> /dev/null | sed s/''//g | sed s/'<\/serial_number>'//g) 103 | 104 | #API Call to get all Models of all Disks associated with the Device 105 | model=$(curl -H "Accept: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/computers/id/$currentID" -X GET | xpath //computer/hardware/storage/device/model 2> /dev/null | sed s/''//g | sed s/'<\/model>'/','/g | sed s/''/'Not\ Found,'/g | sed 's/.$//') 106 | 107 | #Make an array out of them so we can iterate later 108 | IFS=',' read -r -a models <<< "$model" 109 | #The number of models and capacities will be the same, and is the number of disks in the computer 110 | numberOfDisks=${#models[@]} 111 | 112 | #API Call to get all Capacities of all Disks associated with the Device 113 | capacity=$(curl -H "Accept: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/computers/id/$currentID" -X GET | xpath //computer/hardware/storage/device/drive_capacity_mb 2> /dev/null | sed s/''//g | sed s/'<\/drive_capacity_mb>'/','/g | sed 's/.$//') 114 | 115 | #Make an array out of them so we can iterate later 116 | IFS=',' read -r -a capacities <<< "$capacity" 117 | 118 | #Start writing this to the outfile 119 | echo "$name,$serial,${models[0]},${capacities[0]}" >> $outfile 120 | 121 | for ((j=1; j<$numberOfDisks; j++)); 122 | do 123 | echo ",,${models[$j]},${capacities[$j]}" >> $outfile 124 | done 125 | 126 | done 127 | 128 | echo "Done. An output file named disks.csv has been placed on your Desktop" -------------------------------------------------------------------------------- /ClassicAPI/getPolicyStatus.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ############################################# 4 | # Created by iMatthewCM on 03/08/2021 # 5 | ################################################################################################# 6 | # This script is not an official product of Jamf Software LLC. As such, it is provided without 7 | # warranty or support. By using this script, you agree that Jamf Software LLC is under no 8 | # obligation to support, debug, or otherwise maintain this script. Licensed under MIT. 9 | # 10 | # NAME: getPolicyStatus.sh 11 | # DESCRIPTION: This script will look at each enrolled computer's policy history and report back 12 | # the status of a particular policy from each computer, saved to a CSV 13 | ################################################################################################# 14 | 15 | ########################## 16 | # VARIABLES TO CONFIGURE # 17 | ########################## 18 | 19 | #Your Jamf Pro URL 20 | #Do not include a trailing / 21 | JAMF_PRO_URL="https://jss.jamfcloud.com" 22 | 23 | #Your API account credentials, encoded as base64 24 | #The only permissions this account needs is "Read" on Computers 25 | #To obtain this value, run something like this in Terminal: 26 | # echo -n "username:password" | base64 27 | AUTHENTICATION_STRING="dXNlcm5hbWU6cGFzc3dvcmQ=" 28 | 29 | #The Policy ID that we want the status of 30 | POLICY_ID_TO_CHECK="8" 31 | 32 | #The following three variables are asking for paths to store things 33 | #ONLY include the directory to store the item in - the script handles the file name and extension 34 | 35 | #The location that a stylesheet can be written out to 36 | #This file will be deleted when the script is done running 37 | STYLESHEET_PATH="/tmp" 38 | 39 | #The location to store a temporary CSV 40 | #This file will be deleted when the script is done running 41 | TEMP_CSV_PATH="/tmp" 42 | 43 | #The location to SAVE your finished report to 44 | CSV_PATH="/Users/admin/Desktop" 45 | 46 | ################################################# 47 | # STOP! DO NOT CHANGE ANYTHING BELOW THIS LINE! # 48 | ################################################# 49 | 50 | #Fill in the rest of our file path variables 51 | STYLESHEET_PATH="$STYLESHEET_PATH/stylesheet.xslt" 52 | TEMP_CSV_PATH="$TEMP_CSV_PATH/temp.csv" 53 | CSV_PATH="$CSV_PATH/PolicyStatus_`/bin/date +%b-%d-%Y_%H-%M `.csv" 54 | 55 | echo "Gathering and parsing policy information..." 56 | echo "If you have a lot of computers in your environment, this script might take a bit to fully complete" 57 | 58 | #Get the data for all of our computers 59 | allComputers=$(/usr/bin/curl -s -H "Authorization: basic $AUTHENTICATION_STRING" -H "accept: text/xml" "$JAMF_PRO_URL/JSSResource/computers" -X GET) 60 | 61 | #Create an array of all of our computer IDs 62 | computerIDs=() 63 | computerIDs+=($(echo "$allComputers" | /usr/bin/xmllint --format - | /usr/bin/awk -F '[<>]' '//{print $3}')) 64 | 65 | #Create our stylesheet for use later on 66 | /bin/cat << EOF > "$STYLESHEET_PATH" 67 | 68 | 69 | 70 | 71 | 72 | 73 | , 74 | 75 | 76 | 77 | 78 | 79 | EOF 80 | 81 | #For each computer ID in the array we just created.... 82 | for ((i=0; i<${#computerIDs[@]}; i++)) 83 | do 84 | 85 | #Get the value of i+1, since XML arrays are zero-indexed 86 | iValuePlusOne=$((i+1)) 87 | 88 | #Get the name of the computer associated to this computer ID 89 | computerName=$(echo "$allComputers" | /usr/bin/xmllint --xpath "string(/computers/computer[$iValuePlusOne]/name)" -) 90 | 91 | #Write that name out to the temporary CSV 92 | echo "$computerName,">> "$TEMP_CSV_PATH" 93 | 94 | #Get that computer's entire policy history and run it through the stylesheet 95 | /usr/bin/curl -s -H "Authorization: basic $AUTHENTICATION_STRING" -H "accept: text/xml" "$JAMF_PRO_URL/JSSResource/computerhistory/id/${computerIDs[i]}/subset/PolicyLogs" -X GET | /usr/bin/xsltproc "$STYLESHEET_PATH" - >> "$TEMP_CSV_PATH" 96 | 97 | done 98 | 99 | #Filter the CSV 100 | #We're saving rows that either contain the policy ID we're looking for in column 1... 101 | #Or if the second column is empty, which means the first column contains the computer name 102 | filteredCSV=$(/usr/bin/awk -v id=$POLICY_ID_TO_CHECK -F ',' '$1 == id || $2 == ""' < "$TEMP_CSV_PATH") 103 | 104 | #Write out our new filtered CSV 105 | echo "$filteredCSV" > "$TEMP_CSV_PATH" 106 | 107 | echo "CSV filtering is complete...preparing final report." 108 | 109 | #Reusable variable 110 | computerName="" 111 | 112 | #Change IFS to a comma for looping through the CSV 113 | IFS=, 114 | 115 | #Loop through our filtered CSV 116 | while read identifier status 117 | do 118 | 119 | #If the status column is empty, then this row contains the computer's name, so stash it in the variable up top 120 | if [[ "$status" = "" ]]; then 121 | computerName="$identifier" 122 | else 123 | #We're in a row containing our policy data, so write it out to our final report file 124 | echo "$computerName,$status" >> "$CSV_PATH" 125 | 126 | #Set out resuable variable back to nothing 127 | computerName="" 128 | fi 129 | 130 | done < "$TEMP_CSV_PATH" 131 | 132 | #Just good housekeeping 133 | unset IFS 134 | 135 | #Clean up our empty files 136 | /bin/rm "$STYLESHEET_PATH" 137 | /bin/rm "$TEMP_CSV_PATH" 138 | 139 | echo "Done! Your finished report for Policy ID $POLICY_ID_TO_CHECK is saved to $CSV_PATH" -------------------------------------------------------------------------------- /ClassicAPI/getScopedAppsListAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # getScopedAppsListAPI.sh - Makes a list containing all Mobile Device Apps that are currently scoped 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script looks through every single app in the JSS and checks if it has a scope. If it has a scope 21 | # the name of the app is added to a file called appsBeingScoped.txt and the file will be placed on the 22 | # script runner's desktop 23 | # 24 | # REQUIREMENTS 25 | # 26 | # Administrative Credentials for the JSS 27 | # 28 | #################################################################################################### 29 | # 30 | # HISTORY 31 | # 32 | # Version: 1.1 33 | # 34 | # Release Notes: 35 | # - Style Guide Compatibility 36 | # 37 | # - Created by Matthew Mitchell on May 4, 2017 38 | # - Updated by Matthew Mitchell on July 10, 2017 v1.1 39 | # 40 | #################################################################################################### 41 | # 42 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 43 | # 44 | #################################################################################################### 45 | 46 | echo "Please enter your JSS URL" 47 | echo "On-Prem Example: https://myjss.com:8443" 48 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 49 | echo "Do NOT use a trailing / !!" 50 | read jssURL 51 | echo "" 52 | 53 | echo "Please enter Admin credentials the JSS:" 54 | read jssUser 55 | echo "" 56 | 57 | echo "Please enter the password for your Admin account:" 58 | read -s jssPass 59 | echo "" 60 | 61 | ids=$(curl -H "Content-Type: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/mobiledeviceapplications" -X GET | xpath //mobile_device_applications/mobile_device_application/id | sed s/''//g | sed s/'<\/id>'/', '/g) 62 | 63 | IFS=', ' read -r -a array <<< "$ids" 64 | 65 | length=${#array[@]} 66 | 67 | emptyScopeResponse="falsefalse" 68 | 69 | for ((i=0; i<$length;i++)); 70 | 71 | do 72 | #Get the contents of the line, and cut it off when we get to a < 73 | currentID=$(echo ${array[$i]}) 74 | scopeResponse=$(curl -H "Content-Type: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/mobiledeviceapplications/id/$currentID/subset/Scope" -X GET) 75 | 76 | if [ "$scopeResponse" != "$emptyScopeResponse" ]; then 77 | #get the name of the app for currentID 78 | nameCurrentID=$(curl -H "Content-Type: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/mobiledeviceapplications/id/$currentID" -X GET | xpath //mobile_device_application/general/name | sed s/''//g | sed s/'<\/name>'//g) 79 | echo $nameCurrentID >> ~/Desktop/appsBeingScoped.txt 80 | fi 81 | done 82 | -------------------------------------------------------------------------------- /ClassicAPI/getiPadBySerialAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # getiPadBySerialAPI.sh - Uses the REST API to look up any enrolled iPad by Serial Number 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script looks up any given serial number for a device, and if enrolled in the JSS, will 21 | # return the XML output containing the inventory record information. A .txt file will be created 22 | # on the Desktop named SERIAL_NUMBER Output.txt, where SERIAL_NUMBER is replaced for the device's 23 | # actual serial number. 24 | # 25 | # REQUIREMENTS 26 | # 27 | # This script requires valid login credentials for a JSS Administrator, a valid iOS Serial Number, 28 | # and must be run as root (sudo) so that a file can be placed on the Desktop. 29 | # 30 | #################################################################################################### 31 | # 32 | # HISTORY 33 | # 34 | # Version: 1.1 35 | # 36 | # Release Notes: 37 | # - Style Guide Compatibility 38 | # 39 | # - Created by Matthew Mitchell on March 13, 2017 40 | # - Updated by Matthew Mitchell on July 10, 2017 v1.1 41 | # 42 | #################################################################################################### 43 | # 44 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 45 | # 46 | #################################################################################################### 47 | 48 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 49 | echo "Please enter your JSS URL" 50 | echo "On-Prem Example: https://myjss.com:8443" 51 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 52 | echo "Do NOT use a trailing / !!" 53 | read jssURL 54 | echo "" 55 | 56 | #Login Credentials 57 | echo "Please enter an Adminstrator's username for the JSS:" 58 | read jssUser 59 | echo "" 60 | 61 | echo "Please enter the password for your Admin account:" 62 | read -s jssPass 63 | echo "" 64 | 65 | #Login Credentials 66 | echo "Please enter the Serial Number of the Mobile Device to get:" 67 | read serialNumber 68 | echo "" 69 | 70 | resourceURL="/JSSResource/mobiledevices/serialnumber/" 71 | 72 | output="$(curl "$jssURL$resourceURL$serialNumber" -kvu $jssUser:$jssPass)" 73 | 74 | echo > ~/Desktop/$serialNumber\ Output.txt "$output" 75 | 76 | 77 | 78 | -------------------------------------------------------------------------------- /ClassicAPI/iOSAppInstallMethodsAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # iOSAppInstallMethodsAPI.sh - Reports all Install Methods for all iOS Apps in the JSS 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script returns the app name and the installation method for each iOS App in the JSS 21 | # 22 | # REQUIREMENTS 23 | # 24 | # Administrative credentials to the JSS 25 | # 26 | #################################################################################################### 27 | # 28 | # HISTORY 29 | # 30 | # Version: 1.0 31 | # 32 | # Release Notes: 33 | # - Initial release 34 | # 35 | # - Created by Matthew Mitchell on November 6, 2017 36 | # 37 | #################################################################################################### 38 | # 39 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 40 | # 41 | #################################################################################################### 42 | 43 | ##################################################### 44 | # Credentials 45 | ##################################################### 46 | 47 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 48 | echo "Please enter your JSS URL" 49 | echo "On-Prem Example: https://myjss.com:8443" 50 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 51 | read jssURL 52 | echo "" 53 | 54 | #Trim the trailing slash off if necessary 55 | if [ $(echo "${jssURL: -1}") == "/" ]; then 56 | jssURL=$(echo $jssURL | sed 's/.$//') 57 | fi 58 | 59 | #Login Credentials 60 | echo "Please enter an Adminstrator's username for the JSS:" 61 | read jssUser 62 | echo "" 63 | 64 | echo "Please enter the password for $jssUser's account:" 65 | read -s jssPass 66 | echo "" 67 | 68 | echo "Working...please wait..." 69 | ##################################################### 70 | # Setting up the output file 71 | ##################################################### 72 | 73 | #Output file to write to 74 | outputFile="$HOME/Desktop/iOS_App_Report.csv" 75 | 76 | #Check if file exists. If it does, remove it, we'll remake a new one later 77 | if [ -f "$outputFile" ]; then 78 | rm $outputFile 79 | fi 80 | 81 | #Create the file 82 | touch $outputFile 83 | 84 | #Set up the first line of the file 85 | echo "App Name,Installation Method" >> $outputFile 86 | 87 | ##################################################### 88 | # Read in Application IDs 89 | ##################################################### 90 | 91 | #GET 92 | allAppIDs=$(curl "$jssURL/JSSResource/mobiledeviceapplications" -ksu $jssUser:$jssPass | xpath //mobile_device_applications/mobile_device_application/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 93 | #Make array 94 | IFS=',' read -r -a appIDs <<< "$allAppIDs" 95 | idLength=${#appIDs[@]} 96 | 97 | ##################################################### 98 | # GET data and write CSV 99 | ##################################################### 100 | 101 | for((i=0; i<$idLength; i++)) 102 | do 103 | #Get App Name by ID 104 | appName=$(curl "$jssURL/JSSResource/mobiledeviceapplications/id/${appIDs[$i]}" -ksu $jssUser:$jssPass | xpath //mobile_device_application/general/name 2> /dev/null | sed s/''//g | sed s/'<\/name>'/''/g | sed s/','/''/g) 105 | 106 | #Get Installation Method by ID 107 | installMethod=$(curl "$jssURL/JSSResource/mobiledeviceapplications/id/${appIDs[$i]}" -ksu $jssUser:$jssPass | xpath //mobile_device_application/general/deployment_type 2> /dev/null | sed s/''//g | sed s/'<\/deployment_type>'/''/g) 108 | 109 | #Write CSV 110 | echo "$appName,$installMethod" >> $outputFile 111 | 112 | done 113 | 114 | echo "Done" -------------------------------------------------------------------------------- /ClassicAPI/macStaticGroupAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # macStaticGroupAPI.sh - Creates a Static Computer Group 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will create a Static Computer Group based on a CSV of JSS Computer IDs 21 | # 22 | # REQUIREMENTS 23 | # 24 | # A CSV containing all of the JSS Computer IDs to insert into a Static Group 25 | # 26 | #################################################################################################### 27 | # 28 | # HISTORY 29 | # 30 | # Version: 1.2 31 | # 32 | # Release Notes: 33 | # - Fixed a bug with how XML was being written that wasn't compatible with the Jamf API 34 | # 35 | # - Created by Matthew Mitchell on June 26, 2017 36 | # - Updated by Matthew Mitchell on July 10, 2017 v1.1 37 | # - Updated by Matthew Mitchell on June 7, 2018 v1.2 38 | # 39 | #################################################################################################### 40 | # 41 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 42 | # 43 | #################################################################################################### 44 | 45 | echo "-------------------------" 46 | echo "NOTE: A file named macStaticgroupAPI.txt will be placed in your /tmp directory containing" 47 | echo "the XML that is sent to your JSS server." 48 | echo "Please be patient as this script runs - it can take a bit depending on how big the CSV is" 49 | echo "-------------------------" 50 | echo "" 51 | 52 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 53 | echo "Please enter your JSS URL" 54 | echo "On-Prem Example: https://myjss.com:8443" 55 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 56 | echo "Do NOT use a trailing / !!" 57 | read jssURL 58 | echo "" 59 | 60 | #Login Credentials 61 | echo "Please enter an Adminstrator's username for the JSS:" 62 | read jssUser 63 | echo "" 64 | 65 | echo "Please enter the password for your Admin account:" 66 | read -s jssPass 67 | echo "" 68 | 69 | #CSV file path for devices list - JSS ID numbers only 70 | echo "Please drag and drop CSV into this window and hit enter" 71 | read deviceList 72 | echo "" 73 | 74 | #Name our static Device group 75 | echo "What should the group name be? DO NOT USE SPACES!" 76 | read name 77 | 78 | #Read CSV into array 79 | IFS=$'\n' read -d '' -r -a deviceIDs < $deviceList 80 | 81 | length=${#deviceIDs[@]} 82 | 83 | #Check if file exists. If it does, remove it, we'll remake a new one later 84 | if [ -f "/tmp/macStaticgroupAPI.txt" ]; then 85 | rm /tmp/macStaticgroupAPI.txt 86 | fi 87 | 88 | outfile="/tmp/macStaticgroupAPI.txt" 89 | 90 | #build the xml from the array 91 | echo >> $outfile "$namefalse" 92 | 93 | for ((i=0; i<$length;i++)); 94 | do 95 | deviceid=$(echo "${deviceIDs[$i]}" | sed 's/,//g' | tr -d '\r\n') 96 | echo >> $outfile "$deviceid" 97 | 98 | done 99 | 100 | echo >> $outfile "" 101 | 102 | #post the XML file to the JSS 103 | curl -ksu $jssUser:$jssPass -H "Content-type: text/xml" $jssURL/JSSResource/computergroups/id/0 -X POST -T $outfile > /dev/null -------------------------------------------------------------------------------- /ClassicAPI/mobileStaticGroupAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # mobileStaticGroupAPI.sh - Blurb About Script 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will create a Static Mobile Device Group based on a CSV of JSS Mobile Device IDs 21 | # 22 | # REQUIREMENTS 23 | # 24 | # A CSV containing all of the JSS Mobile Device IDs to insert into a Static Group 25 | # 26 | #################################################################################################### 27 | # 28 | # HISTORY 29 | # 30 | # Version: 1.1 31 | # 32 | # Release Notes: 33 | # - Style Guide Compatibility 34 | # 35 | # - Created by Matthew Mitchell on June 26, 2017 36 | # - Updated by Matthew Mitchell on July 10, 2017 v1.1 37 | # 38 | #################################################################################################### 39 | # 40 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 41 | # 42 | #################################################################################################### 43 | 44 | echo "-------------------------" 45 | echo "NOTE: A file named mobileStaticgroupAPI.txt will be placed in your /tmp directory containing" 46 | echo "the XML that is sent to your JSS server." 47 | echo "Please be patient as this script runs - it can take a bit depending on how big the CSV is" 48 | echo "-------------------------" 49 | echo "" 50 | 51 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 52 | echo "Please enter your JSS URL" 53 | echo "On-Prem Example: https://myjss.com:8443" 54 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 55 | echo "Do NOT use a trailing / !!" 56 | read jssURL 57 | echo "" 58 | 59 | #Login Credentials 60 | echo "Please enter an Adminstrator's username for the JSS:" 61 | read jssUser 62 | echo "" 63 | 64 | echo "Please enter the password for your Admin account:" 65 | read -s jssPass 66 | echo "" 67 | 68 | #CSV file path for devices list - JSS ID numbers only 69 | echo "Please drag and drop CSV into this window and hit enter" 70 | read deviceList 71 | echo "" 72 | 73 | #Name our static Device group 74 | echo "What should the group name be? DO NOT USE SPACES!" 75 | read Name 76 | 77 | #Read CSV into array 78 | IFS=$'\n' read -d '' -r -a deviceIDs < $deviceList 79 | 80 | length=${#deviceIDs[@]} 81 | 82 | #Check if file exists. If it does, remove it, we'll remake a new one later 83 | if [ -f "/tmp/mobileStaticgroupAPI.txt" ]; then 84 | rm /tmp/mobileStaticgroupAPI.txt 85 | fi 86 | 87 | outfile="/tmp/mobileStaticgroupAPI.txt" 88 | 89 | #build the xml from the array 90 | echo >> $outfile "$Namefalse" 91 | 92 | for ((i=0; i<$length;i++)); 93 | do 94 | deviceID=$(echo "${deviceIDs[$i]}" | sed 's/,//g' | tr -d '\r\n') 95 | echo >> $outfile "$deviceID" 96 | 97 | done 98 | 99 | echo >> $outfile "" 100 | 101 | #post the XML file to the JSS 102 | curl -ksu $jssUser:$jssPass -H "Content-type: text/xml" $jssURL/JSSResource/mobiledevicegroups/id/0 -X POST -T $outfile > /dev/null -------------------------------------------------------------------------------- /ClassicAPI/modifyClassesByGroupAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # modifyClassesByGroupAPI.sh - Inserts or removes a single Mobile Device Group to any specified class 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script searches for all devices associated with a specified Group and gets all of the device's names, UDIDs, and WiFi Mac addresses, and inserts or removes the proper data to all classes 21 | # 22 | # REQUIREMENTS 23 | # 24 | # This script needs at least one class that is already set up in the JSS, as well as an already-populated Smart 25 | # or Static Mobile Device Group. 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 3.0 32 | # 33 | # Release Notes: 34 | # - Fixed bad code from 2.0 35 | # - Added a mode to remove a group from all classes 36 | # 37 | # - Created by Matthew Mitchell on April 28, 2017 38 | # - Updated by Matthew Mitchell on August 18, 2017 v2.0 39 | # - Updated by Matthew Mitchell on August 22, 2017 v3.0 40 | # 41 | #################################################################################################### 42 | # 43 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 44 | # 45 | #################################################################################################### 46 | 47 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 48 | echo "Please enter your JSS URL" 49 | echo "On-Prem Example: https://myjss.com:8443" 50 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 51 | echo "Do NOT use a trailing / !!" 52 | read jssURL 53 | echo "" 54 | 55 | #Login Credentials 56 | echo "Please enter an Adminstrator's username for the JSS:" 57 | read jssUser 58 | echo "" 59 | 60 | echo "Please enter the password for $jssUser's account:" 61 | read -s jssPass 62 | echo "" 63 | 64 | #Figure out which mode we're in 65 | echo "Press 1 to ADD a group to ALL classes" 66 | echo " -or-" 67 | echo "Press 2 to REMOVE a group from ALL classes" 68 | read mode 69 | echo "" 70 | 71 | if [ "$mode" == "1" ]; then 72 | modeString="add to" 73 | else 74 | modeString="remove from" 75 | fi 76 | 77 | echo "What is the exact name, including spaces and capitalization, of the group to $modeString ALL classes?" 78 | read mobileGroup 79 | echo "" 80 | 81 | #Replace spaces as necessary 82 | mobileGroupAdjusted=$(echo $mobileGroup | sed 's/ /%20/g') 83 | 84 | echo "Working...this may take a few moments..." 85 | echo "" 86 | 87 | ##################################################### 88 | # CURL Commands to get data 89 | ##################################################### 90 | 91 | #Get ID of mobileGroup 92 | groupID=$(curl -H "Accept: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/mobiledevicegroups/name/$mobileGroupAdjusted" -X GET | cut -d '<' -f4 | cut -d '>' -f2) 93 | 94 | #Get IDs of all classes 95 | classIDs=$(curl -H "Accept: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/classes" -X GET | xpath //classes/class/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 96 | IFS=',' read -r -a classes <<< "$classIDs" 97 | classLength=${#classes[@]} 98 | 99 | 100 | ##################################################### 101 | # Function to ADD the group to all classes 102 | ##################################################### 103 | 104 | function addToScope () { 105 | 106 | for ((i=0; i<$classLength; i++)); 107 | do 108 | currentClass=$(echo ${classes[$i]}) 109 | 110 | #Need to get the current groups scoped to it 111 | scope=$(curl -H "Accept: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/classes/id/$currentClass" -X GET | xpath //class/mobile_device_group_ids/id 2> /dev/null) 112 | #And then add the additional group to the scope 113 | scope+="$groupID" 114 | #Send it off 115 | curl -H "Content-Type: application/xml" -d "$scope" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/classes/id/$currentClass" -X PUT 116 | done 117 | 118 | } 119 | 120 | ##################################################### 121 | # Function to REMOVE the group from all classes 122 | ##################################################### 123 | 124 | function removeFromScope () { 125 | 126 | #For each and every Class... 127 | for ((i=0; i<$classLength; i++)); 128 | do 129 | #Get the current class ID 130 | currentClass=$(echo ${classes[$i]}) 131 | #Get a list of all the Group IDs the class is currently scoped to 132 | scope=$(curl -H "Accept: application/xml" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/classes/id/$currentClass" -X GET | xpath //class/mobile_device_group_ids/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 133 | #Make it into an array 134 | IFS=',' read -r -a currentClassScope <<< "$scope" 135 | #Get the length 136 | scopeLength=${#currentClassScope[@]} 137 | 138 | #Initialize variable 139 | xmlForPut="" 140 | #For each Group ID that we threw into the array... 141 | for ((j=0; j<$scopeLength; j++)); 142 | do 143 | #If this Group ID is NOT the same as the Group ID we are removing 144 | if [ "${currentClassScope[$j]}" != "$groupID" ]; then 145 | #Add it to the string 146 | xmlForPut+="${currentClassScope[$j]}" 147 | fi 148 | done 149 | 150 | #Update the Class with the new scope. This will only include Group IDs that were not equal to the Group ID to remove 151 | curl -H "Content-Type: application/xml" -d "$xmlForPut" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/classes/id/$currentClass" -X PUT 152 | 153 | done 154 | } 155 | 156 | ################################################################## 157 | # Determine which mode we're in and call the appropriate function 158 | ################################################################## 159 | 160 | if [ "$mode" == "1" ]; then 161 | addToScope 162 | else 163 | removeFromScope 164 | fi 165 | 166 | 167 | echo "" 168 | echo "" 169 | echo "Done, check your JSS." 170 | 171 | -------------------------------------------------------------------------------- /ClassicAPI/printersAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # printersAPI.sh - Creates printers in Jamf Pro based on a CSV 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script parses a CSV and creates a printer in Jamf Pro based on the contents 21 | # 22 | # REQUIREMENTS 23 | # 24 | # Administrative credentials to Jamf Pro 25 | # 26 | # A CSV with the following headers: 27 | # Name, Category, URI, CUPS Name, Location, Model, Info, Notes, Make Default, OS Requirements 28 | # 29 | # Only Name, URI, and CUPS Name are required. All other fields are optional 30 | # 31 | # This script only supports a single OS Requirement at this time. 32 | # (Example, 10.13.x is fine, but 10.12.x, 10.13.x is not) 33 | # 34 | # Categories must already exist in Jamf Pro prior to the script running 35 | # 36 | #################################################################################################### 37 | # 38 | # HISTORY 39 | # 40 | # Version: 1.0 41 | # 42 | # Release Notes: 43 | # - Initial release 44 | # 45 | # - Created by Matthew Mitchell on December 8, 2017 46 | # 47 | #################################################################################################### 48 | # 49 | # DEFINE VARIABLES & READ IN PARAMETERS 50 | # 51 | #################################################################################################### 52 | 53 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 54 | echo "Please enter your JSS URL" 55 | echo "On-Prem Example: https://myjss.com:8443" 56 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 57 | read jssURL 58 | echo "" 59 | 60 | #Trim the trailing slash off if necessary 61 | if [ $(echo "${jssURL: -1}") == "/" ]; then 62 | jssURL=$(echo $jssURL | sed 's/.$//') 63 | fi 64 | 65 | #Login Credentials 66 | echo "Please enter an Adminstrator's username for the JSS:" 67 | read jssUser 68 | echo "" 69 | 70 | echo "Please enter the password for $jssUser's account:" 71 | read -s jssPass 72 | echo "" 73 | 74 | #Get Path to Printer CSV 75 | echo "Please drag the CSV containing the Printers to add into this window and press Enter:" 76 | read csvFile 77 | echo "" 78 | 79 | #################################################################################################### 80 | # 81 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 82 | # 83 | #################################################################################################### 84 | 85 | #API resource we're using 86 | resourceURL="/JSSResource/printers/id/0" 87 | 88 | ##################################################### 89 | # Set up logging 90 | ##################################################### 91 | 92 | #Log file for this script to write to 93 | logFile="$HOME/Desktop/JamfPrinterLog.txt" 94 | 95 | #Write a new run into the log file to preserve existing contents 96 | echo "-------------New Script Run-------------" >> $logFile 97 | echo "" >> $logFile 98 | 99 | #Write to the log. Takes in $appID and a status message 100 | logging () { 101 | echo "Printer Name: $1 | Status: $2" >> $logFile 102 | echo "" >> $logFile 103 | } 104 | 105 | ##################################################### 106 | # Set up script to run 107 | ##################################################### 108 | 109 | #Read CSV into array 110 | IFS=$'\n' read -d '' -r -a printers < $csvFile 111 | 112 | #Length of the array we just made 113 | length=${#printers[@]} 114 | 115 | ##################################################### 116 | # API Request 117 | ##################################################### 118 | 119 | #Go through each line, each line is a printer 120 | #Start at i=1 since the first line is just headers 121 | for ((i=1; i<$length; i++)); 122 | do 123 | 124 | #Get all the data for this printer 125 | name=$(echo ${printers[$i]} | cut -d ',' -f1) 126 | category=$(echo ${printers[$i]} | cut -d ',' -f2) 127 | uri=$(echo ${printers[$i]} | cut -d ',' -f3) 128 | cups=$(echo ${printers[$i]} | cut -d ',' -f4) 129 | location=$(echo ${printers[$i]} | cut -d ',' -f5) 130 | model=$(echo ${printers[$i]} | cut -d ',' -f6) 131 | info=$(echo ${printers[$i]} | cut -d ',' -f7) 132 | notes=$(echo ${printers[$i]} | cut -d ',' -f8) 133 | default=$(echo ${printers[$i]} | cut -d ',' -f9 | sed s/' '/''/g | tr '[:upper:]' '[:lower:]') 134 | osreqs=$(echo ${printers[$i]} | cut -d ',' -f10) 135 | 136 | #POST the printer data 137 | output=$(curl -H "Content-Type: application/xml" -d "$name$category$uri$cups$location$model$info$notes$defaulttrue/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd$osreqs" -ksu "$jssUser":"$jssPass" "$jssURL$resourceURL" -X POST) 138 | 139 | #See what we got back from the API command 140 | successMessage=$(echo $output | cut -d '?' -f2) 141 | 142 | #If the output of the curl command is equal to this string 143 | if [ "$successMessage" == "xml version=\"1.0\" encoding=\"UTF-8\"" ]; then 144 | #API call was successful, log it 145 | logging "$name" "Success" 146 | else 147 | #Something went wrong, log it 148 | logging "$name" "Failed" 149 | fi 150 | 151 | done 152 | 153 | echo "Done. JamfPrinterLog.txt was placed on your Desktop containing script results." -------------------------------------------------------------------------------- /ClassicAPI/smartToStaticConverter.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 4 | echo "Please enter your JSS URL" 5 | echo "On-Prem Example: https://myjss.com:8443" 6 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 7 | read jssURL 8 | echo "" 9 | 10 | #Trim the trailing slash off if necessary 11 | if [ $(echo "${jssURL: -1}") == "/" ]; then 12 | jssURL=$(echo $jssURL | sed 's/.$//') 13 | fi 14 | 15 | #Login Credentials 16 | echo "Please enter an Adminstrator's username for the JSS:" 17 | read jssUser 18 | echo "" 19 | 20 | echo "Please enter the password for $jssUser's account:" 21 | read -s jssPass 22 | echo "" 23 | 24 | echo "Please enter the name of the Smart Group to convert to a Static Group" 25 | read smartGroupName 26 | echo "" 27 | 28 | #Generate a name for the static group 29 | staticName="$smartGroupName - Static" 30 | 31 | #Tell the user what we are making 32 | echo "Creating Static Group: $staticName ..." 33 | echo "" 34 | 35 | #Throw %20 in place of spaces so we can GET properly 36 | formattedName=$(echo "$smartGroupName" | sed s/' '/%20/g) 37 | 38 | #GET all computer IDs in the specified smart group 39 | allComputerIDs=$(curl -H "Accept: text/xml" -ksu $jssUser:$jssPass "$jssURL/JSSResource/computergroups/name/$formattedName" | xpath //computer_group/computers/computer/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 40 | 41 | #Read the computer IDs into an array 42 | IFS=',' read -r -a computerIDs <<< "$allComputerIDs" 43 | 44 | #Get the length of the array so we can loop through it 45 | idlength=${#computerIDs[@]} 46 | 47 | #build the xml to POST 48 | apiPOST="$staticNamefalse" 49 | 50 | #add computers to group 51 | for ((i=0; i<$idlength;i++)); 52 | do 53 | deviceid=$(echo "${computerIDs[$i]}" | sed 's/,//g' | tr -d '\r\n') 54 | apiPOST+="$deviceid" 55 | 56 | done 57 | 58 | #Close up the data 59 | apiPOST+="" 60 | 61 | #POST the group 62 | curl -H "Content-Type: text/xml" -d "$apiPOST" -ksu "$jssUser":"$jssPass" "$jssURL/JSSResource/computergroups/id/0" -X POST 63 | 64 | echo "" 65 | echo "Done." -------------------------------------------------------------------------------- /ClassicAPI/updateComputerPurchasingAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # updateComputerPurchasingAPI.sh - Updates a Computer's Inventory Record with Purchasing Info 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will add a Warranty Expiration, AppleCare ID, PO Number, and PO Date to a list of serial numbers 21 | # 22 | # REQUIREMENTS 23 | # 24 | # This script requires a CSV file with three columns, in order: 25 | # Serial Number, Warranty Expiration, AppleCare ID, PO Number, PO Date 26 | # 27 | # The Serial Number must be an exact match for an enrolled Computer 28 | # The Warranty Expiration must be in the form of YYYY-MM-DD 29 | # The AppleCare ID can be pretty much anything without a comma in it 30 | # The PO Number can be pretty much anything without a comma in it 31 | # The PO Date must be in the form of YYYY-MM-DD 32 | # 33 | # Do NOT put a header on your columns. Just make sure to put them in the exact order of: 34 | # Serial Number, Warranty Expiration, AppleCare ID, PO Number, PO Date 35 | # 36 | # The purchasing information for each device will be applied to the Serial Number in the same row 37 | # 38 | # Example: 39 | # XNIT2FJSOCP2,2017-06-19,apple1@me.com,COEHS-9283,2015-08-28 40 | # UQBPLARMKKPZ,2015-10-11,apple1@me.com,MUED-2498,2013-10-28 41 | # UQIWN4WJYWGR,2014-07-05,apple1@me.com,8357-9871,2014-11-19 42 | # 43 | #################################################################################################### 44 | # 45 | # HISTORY 46 | # 47 | # Version: 1.2 48 | # 49 | # Release Notes: 50 | # - Style Guide Compatibility 51 | # 52 | # - Created by Matthew Mitchell on June 28, 2017 53 | # - Updated by Matthew Mitchell on July 5, 2017 v1.1 54 | # - Updated by Matthew Mitchell on July 10, 2017 v1.2 55 | # 56 | #################################################################################################### 57 | # 58 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 59 | # 60 | #################################################################################################### 61 | 62 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 63 | echo "Please enter your JSS URL" 64 | echo "On-Prem Example: https://myjss.com:8443" 65 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 66 | echo "Do NOT use a trailing / !!" 67 | read jssURL 68 | echo "" 69 | 70 | #Login Credentials 71 | echo "Please enter an Adminstrator's username for the JSS:" 72 | read jssUser 73 | echo "" 74 | 75 | echo "Please enter the password for your Admin account:" 76 | read -s jssPass 77 | echo "" 78 | 79 | #Path to CSV 80 | echo "Please drag the CSV into this window and press Enter:" 81 | read inputCSV 82 | echo "" 83 | 84 | echo "Working..." 85 | 86 | resourceURL="/JSSResource/computers/serialnumber/" 87 | 88 | #Change this to true for additional output if there are errors 89 | debugging=false 90 | 91 | #Read CSV into array 92 | IFS=$'\n' read -d '' -r -a purchasingInfo < $inputCSV 93 | 94 | length=${#purchasingInfo[@]} 95 | 96 | #Loop through the purchasingInfo array 97 | for ((i=0; i<$length;i++)); 98 | do 99 | #Grab Serial, Warranty, AppleID, PO Number, and PO Date 100 | serial=$(echo ${purchasingInfo[$i]} | cut -d ',' -f1 | tr -d '\r\n') 101 | warranty=$(echo ${purchasingInfo[$i]} | cut -d ',' -f2 | tr -d '\r\n') 102 | appleid=$(echo ${purchasingInfo[$i]} | cut -d ',' -f3 | tr -d '\r\n') 103 | ponum=$(echo ${purchasingInfo[$i]} | cut -d ',' -f4 | tr -d '\r\n') 104 | podate=$(echo ${purchasingInfo[$i]} | cut -d ',' -f5 | tr -d '\r\n') 105 | 106 | #Make the API call 107 | curl -H "Content-Type: application/xml" -d "$ponum$appleid$podate$warranty" "$jssURL$resourceURL$serial" -ksu $jssUser:$jssPass -X PUT > /dev/null 108 | done 109 | 110 | echo "Done." -------------------------------------------------------------------------------- /ClassicAPI/updateMobilePurchasingAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # updateMobilePurchasingAPI.sh - Updates a Mobile Device's Inventory Record with Purchasing Info 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will add a Warranty Expiration, AppleCare ID, PO Number, and PO Date to a list of serial numbers 21 | # 22 | # REQUIREMENTS 23 | # 24 | # This script requires a CSV file with three columns, in order: 25 | # Serial Number, Warranty Expiration, AppleCare ID, PO Number, PO Date 26 | # 27 | # The Serial Number must be an exact match for an enrolled Computer 28 | # The Warranty Expiration must be in the form of YYYY-MM-DD 29 | # The AppleCare ID can be pretty much anything without a comma in it 30 | # The PO Number can be pretty much anything without a comma in it 31 | # The PO Date must be in the form of YYYY-MM-DD 32 | # 33 | # Do NOT put a header on your columns. Just make sure to put them in the exact order of: 34 | # Serial Number, Warranty Expiration, AppleCare ID, PO Number, PO Date 35 | # 36 | # The purchasing information for each device will be applied to the Serial Number in the same row 37 | # 38 | # Example: 39 | # XNIT2FJSOCP2,2017-06-19,apple1@me.com,COEHS-9283,2015-08-28 40 | # UQBPLARMKKPZ,2015-10-11,apple1@me.com,MUED-2498,2013-10-28 41 | # UQIWN4WJYWGR,2014-07-05,apple1@me.com,8357-9871,2014-11-19 42 | # 43 | #################################################################################################### 44 | # 45 | # HISTORY 46 | # 47 | # Version: 1.2 48 | # 49 | # Release Notes: 50 | # - Style Guide Compatibility 51 | # 52 | # - Created by Matthew Mitchell on June 28, 2017 53 | # - Updated by Matthew Mitchell on July 5, 2017 v1.1 54 | # - Updated by Matthew Mitchell on July 10, 2017 v1.2 55 | # 56 | #################################################################################################### 57 | # 58 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 59 | # 60 | #################################################################################################### 61 | 62 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 63 | echo "Please enter your JSS URL" 64 | echo "On-Prem Example: https://myjss.com:8443" 65 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 66 | echo "Do NOT use a trailing / !!" 67 | read jssURL 68 | echo "" 69 | 70 | #Login Credentials 71 | echo "Please enter an Adminstrator's username for the JSS:" 72 | read jssUser 73 | echo "" 74 | 75 | echo "Please enter the password for your Admin account:" 76 | read -s jssPass 77 | echo "" 78 | 79 | #Path to CSV 80 | echo "Please drag the CSV into this window and press Enter:" 81 | read inputCSV 82 | echo "" 83 | 84 | echo "Working..." 85 | 86 | #API location 87 | resourceURL="/JSSResource/mobiledevices/serialnumber/" 88 | 89 | #Read CSV into array 90 | IFS=$'\n' read -d '' -r -a purchasingInfo < $inputCSV 91 | 92 | length=${#purchasingInfo[@]} 93 | 94 | #Loop through the purchasingInfo array 95 | for ((i=0; i<$length;i++)); 96 | do 97 | #Grab Serial, Warranty, AppleID, PO Number, and PO Date 98 | serial=$(echo ${purchasingInfo[$i]} | cut -d ',' -f1 | tr -d '\r\n') 99 | warranty=$(echo ${purchasingInfo[$i]} | cut -d ',' -f2 | tr -d '\r\n') 100 | appleid=$(echo ${purchasingInfo[$i]} | cut -d ',' -f3 | tr -d '\r\n') 101 | ponum=$(echo ${purchasingInfo[$i]} | cut -d ',' -f4 | tr -d '\r\n') 102 | podate=$(echo ${purchasingInfo[$i]} | cut -d ',' -f5 | tr -d '\r\n') 103 | 104 | #Make the API call 105 | curl -H "Content-Type: application/xml" -d "$ponum$appleid$podate$warranty" "$jssURL$resourceURL$serial" -ksu $jssUser:$jssPass -X PUT > /dev/null 106 | done 107 | 108 | echo "Done." -------------------------------------------------------------------------------- /ClassicAPI/usersWithComputers.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # usersWithComputers.sh - Provides a list of all Users with Computers assigned to them 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script gets all Users in Jamf Pro and then checks each to see if they have at least one 21 | # computer assigned to them. If so, the script writes it to the output file. 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script requires credentials to Jamf Pro that have, at minimum, READ access on User objects 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.0 32 | # 33 | # Release Notes: 34 | # - Initial release 35 | # 36 | # - Created by Matthew Mitchell on August 20, 2018 37 | # 38 | #################################################################################################### 39 | # 40 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 41 | # 42 | #################################################################################################### 43 | 44 | 45 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 46 | echo "Please enter your JSS URL" 47 | echo "On-Prem Example: https://myjss.com:8443" 48 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 49 | read jssURL 50 | echo "" 51 | 52 | #Trim the trailing slash off if necessary 53 | if [ $(echo "${jssURL: -1}") == "/" ]; then 54 | jssURL=$(echo $jssURL | sed 's/.$//') 55 | fi 56 | 57 | #Login Credentials 58 | echo "Please enter a username to authenticate with Jamf Pro:" 59 | read jssUser 60 | echo "" 61 | 62 | echo "Please enter the password for $jssUser's account:" 63 | read -s jssPass 64 | echo "" 65 | 66 | echo "Working..." 67 | echo "" 68 | 69 | #Set the output file 70 | outputFile=$HOME/Desktop/usersWithComputers.csv 71 | 72 | #Check if file exists. If it does, remove it, we'll remake a new one later 73 | if [ -f "$HOME/Desktop/usersWithComputers.csv" ]; then 74 | rm $HOME/Desktop/usersWithComputers.csv 75 | fi 76 | 77 | #Initialize the headers in the output file 78 | echo "User ID,Username,Full Name" >> $outputFile 79 | 80 | #GET all User IDs to loop through 81 | allUserIDs=$(curl -H "Accept: text/xml" -ksu $jssUser:$jssPass "$jssURL/JSSResource/users" | xpath //users/user/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 82 | 83 | #Read them into an array 84 | IFS=',' read -r -a ids <<< "$allUserIDs" 85 | 86 | #Get length of array 87 | length=${#ids[@]} 88 | 89 | #Loop through the array 90 | for ((i=0; i<$length; i++)); 91 | do 92 | 93 | #Pull down the user data so we don't have to keep requesting it 94 | userData=$(curl -H "Accept: text/xml" -ksu $jssUser:$jssPass "$jssURL/JSSResource/users/id/${ids[$i]}") 95 | 96 | #Get a list of the computer IDs associated to the machine 97 | computersAssociated=$(echo "$userData" | xpath //user/links/computers/computer/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 98 | 99 | #As long as that didn't wind up being blank... 100 | if [ "$computersAssociated" != "" ]; then 101 | 102 | #Get the associated username 103 | name=$(echo "$userData" | xpath //user/name 2> /dev/null | sed s/''//g | sed s/'<\/name>'/''/g) 104 | 105 | #Get the associated full name 106 | fullName=$(echo "$userData" | xpath //user/full_name 2> /dev/null | sed s/''//g | sed s/'<\/full_name>'/''/g) 107 | 108 | #Write it to the output file 109 | echo "${ids[$i]},$name,$fullName" >> $outputFile 110 | fi 111 | 112 | done 113 | 114 | echo "Done. Output file placed at $HOME/Desktop/usersWithComputers.csv" -------------------------------------------------------------------------------- /ClassicAPI/usersWithoutAssignmentsAPI.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # usersWithoutAssignmentsAPI.sh - Finds Users that have nothing assigned to them 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will comb all Users in the JSS to find if there is anything assigned to that User, 21 | # such as a Computer, Mobile Device, Peripheral, or VPP Assignment. If there is nothing found, 22 | # the user can be flagged for deletion. 23 | # 24 | # REQUIREMENTS 25 | # 26 | # This script requires a valid JSS User Account with full Administrator privileges 27 | # 28 | #################################################################################################### 29 | # 30 | # HISTORY 31 | # 32 | # Version: 1.1 33 | # 34 | # Release Notes: 35 | # - Style Guide Compatibility 36 | # 37 | # - Created by Matthew Mitchell on May 17, 2017 38 | # - Updated by Matthew Mitchell on July 10, 2017 v1.1 39 | # 40 | #################################################################################################### 41 | # 42 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 43 | # 44 | #################################################################################################### 45 | 46 | echo "-------------------------" 47 | echo "NOTE: An output file name UsersToDelete.txt will be placed in your /tmp directory, and will open automatically after the script is done running." 48 | echo "Please be patient as this script runs - it can take several minutes depending on how many Users you have." 49 | echo "-------------------------" 50 | echo "" 51 | 52 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 53 | echo "Please enter your JSS URL" 54 | echo "On-Prem Example: https://myjss.com:8443" 55 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 56 | echo "Do NOT use a trailing / !!" 57 | read jssURL 58 | echo "" 59 | 60 | #Login Credentials 61 | echo "Please enter an Adminstrator's username for the JSS:" 62 | read jssUser 63 | echo "" 64 | 65 | echo "Please enter the password for your Admin account:" 66 | read -s jssPass 67 | echo "" 68 | 69 | echo "Working..." 70 | 71 | #Get all User IDs 72 | listIDs="$(curl $jssURL/JSSResource/users -ksu $jssUser:$jssPass | xpath //users/user/id 2> /dev/null | sed 's///g' | sed 's/<\/id>/,/g')" 73 | 74 | #Create an Array based on listIDs 75 | IFS=', ' read -r -a allIDs <<< "$listIDs" 76 | 77 | uselessString="0" 78 | 79 | #Check if file exists. If it does, remove it, we'll remake a new one later 80 | if [ -f "/tmp/UsersToDelete.txt" ]; then 81 | rm /tmp/UsersToDelete.txt 82 | fi 83 | 84 | #Output file to write to 85 | outputFile="/tmp/UsersToDelete.txt" 86 | 87 | echo "The following Users have nothing assigned to them and can be deleted" >> $outputFile 88 | echo "--------------------------------------------------------------------" >> $outputFile 89 | 90 | length=${#allIDs[@]} 91 | #Loop through lines 92 | for ((i=0; i<$length;i++)); 93 | do 94 | #Get the ID of the User we're currently looking at, and hack off the comma at the end if necessary 95 | userid=$(echo "${allIDs[$i]}" | sed 's/,//g') 96 | 97 | #Check the User ID to see if it has anything assigned to it 98 | response="$(curl $jssURL/JSSResource/users/id/$userid -ksu $jssUser:$jssPass | xpath //user/links 2> /dev/null)" 99 | 100 | if [ "$response" == "$uselessString" ]; then 101 | #If this is true, then we'll output the URL to the User in the file so it can be deleted 102 | echo "$jssURL/users.html?id=$userid&o=r" >> $outputFile 103 | fi 104 | 105 | done 106 | 107 | echo "Done!" 108 | 109 | open /tmp/UsersToDelete.txt -------------------------------------------------------------------------------- /ClassicAPI/vppAccountReport.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # vppAccountReport.sh - Reports on all VPP accounts in a Jamf Pro server 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will report on all information from the "Details" tab of each VPP Token in a 21 | # single Jamf Pro server 22 | # 23 | # REQUIREMENTS 24 | # 25 | # You will be prompted to enter a Jamf Pro username and password - this account must at least 26 | # have READ permissions on "VPP Admin Accounts" objects 27 | # 28 | #################################################################################################### 29 | # 30 | # HISTORY 31 | # 32 | # Version: 1.1 33 | # 34 | # Release Notes: 35 | # - Now correctly accounts for an empty Apple ID 36 | # 37 | # - Created by Matthew Mitchell on June 22, 2018 38 | # - Updated by Matthew Mitchell on June 25, 2018 (v1.1) 39 | # 40 | #################################################################################################### 41 | # 42 | # DEFINE VARIABLES & READ IN PARAMETERS 43 | # 44 | #################################################################################################### 45 | 46 | #Enter in the URL of the JSS we are are pulling and pushing the data to. 47 | echo "Please enter your JSS URL" 48 | echo "On-Prem Example: https://myjss.com:8443" 49 | echo "Jamf Cloud Example: https://myjss.jamfcloud.com" 50 | read jssURL 51 | echo "" 52 | 53 | #Trim the trailing slash off if necessary 54 | if [ $(echo "${jssURL: -1}") == "/" ]; then 55 | jssURL=$(echo $jssURL | sed 's/.$//') 56 | fi 57 | 58 | #Login Credentials 59 | echo "Please enter an Adminstrator's username for the JSS:" 60 | read jssUser 61 | echo "" 62 | 63 | echo "Please enter the password for $jssUser's account:" 64 | read -s jssPass 65 | echo "" 66 | 67 | echo "Working..." 68 | echo "" 69 | 70 | #################################################################################################### 71 | # 72 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 73 | # 74 | #################################################################################################### 75 | 76 | #Declare API endpoint 77 | resourceURL=/JSSResource/vppaccounts 78 | 79 | #Initialize the variable 80 | outputFile=/tmp/VPP_Account_Report.csv 81 | 82 | #Remove the file if it already exists 83 | rm $outputFile 84 | 85 | echo "JSS ID,Display Name,Contact,Account Name,Expiration Date,Country,Apple ID,Site,Populate Purchased,Notify Users" >> $outputFile 86 | 87 | #API call to get all VPP Token IDs 88 | allTokenIDs=$(curl -H "Accept: application/xml" "$jssURL$resourceURL" -ksu $jssUser:$jssPass | xpath //vpp_accounts/vpp_account/id 2> /dev/null | sed s/''//g | sed s/'<\/id>'/','/g | sed 's/.$//') 89 | 90 | #Read them into an array 91 | IFS=',' read -r -a ids <<< "$allTokenIDs" 92 | 93 | #Get the length 94 | idlength=${#ids[@]} 95 | 96 | for ((i=0; i<$idlength; i++)); 97 | do 98 | 99 | #Get the JSS ID 100 | jssID=${ids[$i]} 101 | 102 | #API call to GET all of the information on the token, so we don't have to make multiple calls to get the specific pieces 103 | allTokenInfo=$(curl -H "Accept: application/xml" "$jssURL$resourceURL/id/$jssID" -ksu $jssUser:$jssPass) 104 | 105 | #Get Display Name from allTokenInfo 106 | displayName=$(echo $allTokenInfo | xpath //vpp_account/name 2> /dev/null | sed s/''//g | sed s/'<\/name>'/''/g) 107 | 108 | #Get Contact from allTokenInfo 109 | contact=$(echo $allTokenInfo | xpath //vpp_account/contact 2> /dev/null | sed s/''//g | sed s/'<\/contact>'/''/g | sed s/''/''/g) 110 | 111 | #Get Account Name from allTokenInfo 112 | accountName=$(echo $allTokenInfo | xpath //vpp_account/account_name 2> /dev/null | sed s/''//g | sed s/'<\/account_name>'/''/g) 113 | 114 | #Get Expiration Date from allTokenInfo 115 | expirationDate=$(echo $allTokenInfo | xpath //vpp_account/expiration_date 2> /dev/null | sed s/''//g | sed s/'<\/expiration_date>'/''/g) 116 | 117 | #Get Country from allTokenInfo 118 | country=$(echo $allTokenInfo | xpath //vpp_account/country 2> /dev/null | sed s/''//g | sed s/'<\/country>'/''/g) 119 | 120 | #Get Apple ID from allTokenInfo 121 | appleID=$(echo $allTokenInfo | xpath //vpp_account/apple_id 2> /dev/null | sed s/''//g | sed s/'<\/apple_id>'/''/g | sed s/''/''/g) 122 | 123 | #Get Site from allTokenInfo 124 | site=$(echo $allTokenInfo | xpath //vpp_account/site/name 2> /dev/null | sed s/''//g | sed s/'<\/name>'/''/g) 125 | 126 | #Get Populate Purchased Content from allTokenInfo 127 | populatePurchased=$(echo $allTokenInfo | xpath //vpp_account/populate_catalog_from_vpp_content 2> /dev/null | sed s/''//g | sed s/'<\/populate_catalog_from_vpp_content>'/''/g | sed s/'true'/'True'/g | sed s/'false'/'False'/g) 128 | 129 | #Get Notify Users from allTokenInfo 130 | notifyUsers=$(echo $allTokenInfo | xpath //vpp_account/notify_disassociation 2> /dev/null | sed s/''//g | sed s/'<\/notify_disassociation>'/''/g | sed s/'true'/'True'/g | sed s/'false'/'False'/g) 131 | 132 | #Write it to the output file 133 | echo "$jssID,$displayName,$contact,$accountName,$expirationDate,$country,$appleID,$site,$populatePurchased,$notifyUsers" >> $outputFile 134 | 135 | done 136 | 137 | echo "Done. VPP_Account_Report.csv has been written to /tmp" -------------------------------------------------------------------------------- /ExtensionAttributes/README.md: -------------------------------------------------------------------------------- 1 | # Extension Attributes -------------------------------------------------------------------------------- /ExtensionAttributes/bootstrapTokenAllowedForAuthentication.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ############################################# 4 | # Created by iMatthewCM on 03/08/2021 # 5 | ################################################################################################# 6 | # This script is not an official product of Jamf Software LLC. As such, it is provided without 7 | # warranty or support. By using this script, you agree that Jamf Software LLC is under no 8 | # obligation to support, debug, or otherwise maintain this script. Licensed under MIT. 9 | # 10 | # NAME: bootstrapTokenAllowedForAuthentication.sh 11 | # DESCRIPTION: This script is to be used in an Extension Attribute in Jamf Pro. A use case for 12 | # implementation is a kernel extension approval workflow, where this value would need to be 13 | # "supported" for M1 Macs 14 | # 15 | # POSSIBLE RETURN VALUES: 16 | # not supported 17 | # allowed 18 | # disallowed 19 | # 20 | # ("not supported" for Intel Macs, "allowed" if we're good to go, "disallowed" if not 21 | ################################################################################################# 22 | 23 | #Get the value for the BootstrapTokenAllowedForAuthentication key 24 | output=$(/usr/libexec/mdmclient QuerySecurityInfo | awk -F '[=]' '/BootstrapTokenAllowedForAuthentication/ {print $NF}' | tr -d '";') 25 | 26 | #Trim off the leading space 27 | output=${output:1} 28 | 29 | echo "$output" -------------------------------------------------------------------------------- /ExtensionAttributes/detectConfigProfile.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # HISTORY 14 | # 15 | # Version: 1.1 16 | # 17 | # Release Notes: 18 | # - Variable Configuration 19 | # 20 | # - Created by Matthew Mitchell on March 3, 2017 21 | # - Updated by Matthew Mitchell on July 10, 2017 v1.1 22 | # 23 | #################################################################################################### 24 | # 25 | # DEFINE VARIABLES AND READ-IN PARAMETERS 26 | # 27 | #################################################################################################### 28 | 29 | #Config Profile ID 30 | #Get this from About This Mac > System Profiler > Profiles > Name of Profile > Identifier 31 | profileID=E039C901-46C9-4A68-9E6A-29A24937D156 32 | 33 | #################################################################################################### 34 | # 35 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 36 | # 37 | #################################################################################################### 38 | 39 | if sudo profiles -P | egrep -q ': '$profileID ; then 40 | echo "Yes" 41 | else 42 | echo "No" 43 | fi -------------------------------------------------------------------------------- /ExtensionAttributes/detectMacModel.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # HISTORY 14 | # 15 | # Version: 1.0 16 | # 17 | # Release Notes: 18 | # - Formatted original script into an Extension Attribute script 19 | # 20 | # - Original Creator mm2270: https://www.jamf.com/jamf-nation/feature-requests/2214/fix-inconsistent-naming-of-macs-in-the-inventory#responseChild6198 21 | # 22 | #################################################################################################### 23 | # 24 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 25 | # 26 | #################################################################################################### 27 | 28 | Last4Ser=$(ioreg -rd1 -c IOPlatformExpertDevice | awk -F'"' '/IOPlatformSerialNumber/{print $4}' | tail -c 5) 29 | Last3Ser=$(ioreg -rd1 -c IOPlatformExpertDevice | awk -F'"' '/IOPlatformSerialNumber/{print $4}' | tail -c 4) 30 | 31 | FullModelName=$(curl -s -o - "http://support-sp.apple.com/sp/product?cc=$Last4Ser&lang=en_US" | xpath //configCode[1] 2>&1 | awk -F'[>|<]' '{print $3}' | sed '/^$/d') 32 | 33 | if [[ "$FullModelName" == "" ]]; then 34 | FullModelName=$(curl -s -o - "http://support-sp.apple.com/sp/product?cc=$Last3Ser&lang=en_US" | xpath //configCode[1] 2>&1 | awk -F'[>|<]' '{print $3}' | sed '/^$/d') 35 | fi 36 | 37 | echo "$FullModelName" -------------------------------------------------------------------------------- /ExtensionAttributes/hasEscrowedBootstrapToken.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ############################################# 4 | # Created by iMatthewCM on 03/08/2021 # 5 | ################################################################################################# 6 | # This script is not an official product of Jamf Software LLC. As such, it is provided without 7 | # warranty or support. By using this script, you agree that Jamf Software LLC is under no 8 | # obligation to support, debug, or otherwise maintain this script. Licensed under MIT. 9 | # 10 | # NAME: hasEscrowedBootstrapToken.sh 11 | # DESCRIPTION: This script is to be used in an Extension Attribute in Jamf Pro. It will detect 12 | # if a Bootstrap token has been escrowed, which is required for (amongst other things) 13 | # approving legacy kernel extensions on M1 Macs. 14 | # 15 | # POSSIBLE RETURN VALUES: 16 | # Not Supported 17 | # Yes 18 | # No 19 | # 20 | # (Yes if a token is escrowed, No if it's not, Not Supported if the Mac isn't supervised 21 | ################################################################################################# 22 | 23 | #Get the status of the bootstrap token 24 | output=$(profiles status -type bootstraptoken) 25 | 26 | #If we got an error, the output is empty and that means the Mac isn't supervised 27 | if [[ "$output" == "" ]]; then 28 | echo "Not Supported" 29 | else 30 | 31 | #If we didn't get an error, then just grab the last part of the line containing "escrowed" 32 | output=$(echo "$output" | awk '/escrowed/ {print $NF}') 33 | 34 | #If escrowed is YES... 35 | if [[ "$output" = "YES" ]]; then 36 | echo "Yes" 37 | else 38 | echo "No" 39 | fi 40 | fi 41 | 42 | -------------------------------------------------------------------------------- /ExtensionAttributes/reportAppUpdateSettings.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # HISTORY 14 | # 15 | # Version: 1.0 16 | # 17 | # Release Notes: 18 | # - Initial release 19 | # 20 | # - Created by Matthew Mitchell on June 30, 2017 21 | # 22 | #################################################################################################### 23 | # 24 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 25 | # 26 | #################################################################################################### 27 | 28 | autocheck=$(sudo defaults read /Library/Preferences/com.apple.SoftwareUpdate.plist AutomaticCheckEnabled) 29 | 30 | autodownload=$(sudo defaults read /Library/Preferences/com.apple.SoftwareUpdate.plist AutomaticDownload) 31 | 32 | autoupdate=$(sudo defaults read /Library/Preferences/com.apple.commerce.plist AutoUpdate) 33 | 34 | macupdate=$(sudo defaults read /Library/Preferences/com.apple.commerce.plist AutoUpdateRestartRequired) 35 | 36 | secupdate=$(sudo defaults read /Library/Preferences/com.apple.SoftwareUpdate.plist CriticalUpdateInstall) 37 | 38 | if [[ "$autocheck" -eq "1" && "$autodownload" -eq "1" && "$autoupdate" -eq "1" && "$macupdate" -eq "1" && "$secupdate" -eq "1" ]]; then 39 | echo "Enabled" 40 | else 41 | echo "Disabled" 42 | fi 43 | 44 | 45 | -------------------------------------------------------------------------------- /ExtensionAttributes/rootUserStatus.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | #Read the current value of the root user's password 4 | currentStatus=$(sudo dscl . -read /Users/root Password) 5 | 6 | #Return value for a disabled account 7 | disabledStatus="Password: *" 8 | 9 | #Check if the status we got is the same as the value for a disabled account 10 | if [[ "$currentStatus" = "$disabledStatus" ]]; then 11 | echo "Disabled" 12 | else 13 | echo "Enabled" 14 | fi -------------------------------------------------------------------------------- /ExtensionAttributes/verifyMDM.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # verifyMDM.sh - An Extension Attribute to report if a computer has a valid MDM profile 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script reads data on all Configuration Profiles stored on a Mac, finds the MDM Profile, 21 | # and returns the verification status of the MDM Profile as an EA to the JSS 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script needs to be used in an Extension Attribute in the JSS 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.0 32 | # 33 | # Release Notes: 34 | # - Initial release 35 | # 36 | # - Created by Matthew Mitchell on November 6, 2017 37 | # 38 | #################################################################################################### 39 | # 40 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 41 | # 42 | #################################################################################################### 43 | 44 | tmpFile=/tmp/MDMProfileInfo.txt 45 | 46 | #Check if file exists. If it does, remove it, we'll remake a new one later 47 | if [ -f "$tmpFile" ]; then 48 | rm $tmpFile 49 | fi 50 | 51 | #Write the output of the command into the tmpFile 52 | echo "$(system_profiler SPConfigurationProfileDataType)" >> $tmpFile 53 | 54 | #Find the line number that has the MDM Profile on 55 | lineNum=`cat $tmpFile | grep -n "Description: MDM Profile" | awk -F : '{print $1}'` 56 | 57 | #Store 10 lines after that so we can collect the verification status 58 | profileInfo=`head -n $(( $lineNum + 10 )) $tmpFile | tail -n 11` 59 | 60 | #Remove the file to clean up after ourselves 61 | rm $tmpFile 62 | 63 | #Get the verification status of the MDM Profile 64 | verificationStatus=$(echo "$profileInfo" | grep "Verification State:" | cut -d ':' -f2 | awk '{print $1}') 65 | 66 | #Echo it out to an EA 67 | echo "$verificationStatus" -------------------------------------------------------------------------------- /JamfProAPI/README.md: -------------------------------------------------------------------------------- 1 | ## Jamf Pro API Scripts 2 | 3 | These scripts utilize Jamf's newer "Jamf Pro API" instead of the older "Classic API" 4 | 5 | The main differences between these scripts, and scripts that utilize the Classic API, are: 6 | 7 | 1. Token-based authentication 8 | 2. JSON 9 | 10 | With the Jamf Pro API, you can no longer authenticate against the API in clear text, nor can you use a standard Base64 encoded string as a basic authorization. You *must* use a token, which can be created using the [tokenGenerator.sh](https://github.com/iMatthewCM/Jamf-Scripts/blob/master/JamfProAPI/tokenGenerator.sh) script. 11 | 12 | The Jamf Pro API also completely eschews XML in favor of JSON, so you'll see different data structures inside of each script. 13 | 14 | To work with the Jamf Pro API using Python, check out the [iMatthewCM Python Library!](https://github.com/iMatthewCM/Jamf-Scripts/blob/master/JamfProAPI/iMatthewCM%20Python%20Library) -------------------------------------------------------------------------------- /JamfProAPI/createBuildingsFromFile.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ############################################# 4 | # Created by iMatthewCM on 12/04/2019 # 5 | ################################################################################################# 6 | # This script is not an official product of Jamf Software LLC. As such, it is provided without # 7 | # warranty or support. By using this script, you agree that Jamf Software LLC is under no # 8 | # obligation to support, debug, or otherwise maintain this script. Licensed under MIT. # 9 | # # 10 | # NAME: createBuildingsFromFile.sh # 11 | # DESCRIPTION: This script will read in the contents of a CSV file that contains information # 12 | # to create new buildings in Jamf Pro from. Do NOT include column headers in the CSV! The # 13 | # columns must be in the following order: Name, Street Address 1, Street Address 2, City, # 14 | # State, ZIP Code, Country # 15 | # # 16 | # Example CSV line: # 17 | # New York,1 5th Avenue,#314,New York,NY,12345,US # 18 | ################################################################################################# 19 | 20 | ############################## 21 | # Configure these variables! # 22 | ############################## 23 | 24 | #Path to a the file containing the buildinngs to add 25 | #Use the full path - do not use ~ to substitute the home directory 26 | inputFile="/path/to/input.csv" 27 | 28 | #Jamf Pro URL 29 | #Do NOT use a trailing / character! 30 | #Include ports as necessary 31 | jamfProURL="https://myjss.jamfcloud.com" 32 | 33 | #Token to use for authentication 34 | token="" 35 | 36 | ################################# 37 | # DO NOT MODIFY BELOW THIS LINE # 38 | ################################# 39 | 40 | #Change IFS to properly read in CSV 41 | IFS=, 42 | 43 | #Loop through input CSV 44 | while read name address1 address2 city state zip country 45 | do 46 | #Create new building 47 | curl -ks -H "Authorization: Bearer $token" -H "content-type: application/json" "$jamfProURL"/uapi/v1/buildings -X POST -d "{\"name\": \"$name\",\"streetAddress1\": \"$address1\",\"streetAddress2\": \"$address2\",\"city\": \"$city\",\"stateProvince\": \"$state\",\"zipPostalCode\": \"$zip\",\"country\": \"$country\"}" 48 | done < $inputFile 49 | -------------------------------------------------------------------------------- /JamfProAPI/createDepartmentsFromFile.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | ############################################# 4 | # Created by iMatthewCM on 11/18/2019 # 5 | ################################################################################################# 6 | # This script is not an official product of Jamf Software LLC. As such, it is provided without # 7 | # warranty or support. By using this script, you agree that Jamf Software LLC is under no # 8 | # obligation to support, debug, or otherwise maintain this script. Licensed under MIT. # 9 | # # 10 | # NAME: createDepartmentsFromFile.sh # 11 | # DESCRIPTION: This script will read in the contents of a plain text file and create each line # 12 | # of the file as a new department in Jamf Pro. IMPORTANT: Include an empty new line at the # 13 | # bottom of the file, otherwise the final department will not be created! # 14 | ################################################################################################# 15 | 16 | ############################## 17 | # Configure these variables! # 18 | ############################## 19 | 20 | #Path to a the file containing the department names to add 21 | inputFile="/path/to/input.txt" 22 | 23 | #Jamf Pro URL 24 | #Do NOT use a trailing / character! 25 | #Include ports as necessary 26 | jamfProURL="https://myjss.jamfcloud.com" 27 | 28 | #Token to use for authentication 29 | token="eyJhbGciOiJIUzI1NiJ9.eyJhdXRoZW50aWNhdGVkLWFwcCI6IkdFTkVSSUMiLCJhdXRoZW50aWNhdGlvbi10eXBlIjoiSlNTIiwiZ3JvdXBzIjpbXSwic3ViamVjdC10eXBlIjoiSlNTX1VTRVJfSUQiLCJ0b2tlbi11dWlkIjoiM2Y0MjNlNjUtMDNiNS00MDA5LTk4N2EtNzljNjVhNWNkOGIxIiwibGRhcC1zZXJ2ZXItaWQiOi0xLCJzdWIiOiIxIiwiZXhwIjoxNTc0MTE0ODYyfQ.WpOcG_1F9IAnbLs5U6BN5ZDW1VUiqWns1Uux6AKpqHE" 30 | 31 | #Loop through the file and create the departments 32 | while read department 33 | do 34 | curl -s -H "Authorization: Bearer $token" -H "Content-type: application/json" "$jamfProURL"/uapi/v1/departments -X POST -d "{\"name\": \"$department\"}" 35 | done < /Users/Matthew/Desktop/in.txt 36 | -------------------------------------------------------------------------------- /JamfProAPI/iMatthewCM Python Library/README.md: -------------------------------------------------------------------------------- 1 | ## iMatthewCM Python Library 2 | 3 | The goal of this library is to shuffle the actual Jamf Pro API work outside of your primary Python script, leaving you with only the responsibility to parse the output and display results. 4 | 5 | This library **requires Python 3** as well as the **requests** library. To get these set up on a Mac, take a look at my [cliffnote document](https://github.com/iMatthewCM/Jamf-Scripts/blob/master/Workflows/Install%20Python%203%20on%20Mac.sh) which is taken from and based off of [this article from opensource.com](https://opensource.com/article/19/5/python-3-default-mac). 6 | 7 | To use the library, simply place the iMatthewCM.py file inside the same directory as the script you're working on, and import it using: 8 | 9 | `import iMatthewCM` 10 | 11 | You don't necessarily need to import `json` or `requests` in your script, unless *your* code is going to explicitly leverage either of them. Otherwise, the library file already imports what it needs. 12 | 13 | To see what features are available in the library, execute: 14 | 15 | `iMatthewCM.help()` 16 | 17 | Take a look at [demo.py](https://github.com/iMatthewCM/Jamf-Scripts/blob/master/JamfProAPI/iMatthewCM%20Python%20Library/demo.py) for some usage examples! -------------------------------------------------------------------------------- /JamfProAPI/iMatthewCM Python Library/Release Notes.md: -------------------------------------------------------------------------------- 1 | ## iMatthewCM Python Library Release Notes 2 | 3 | **3/23/21 - Version 0.2.1** 4 | 5 | * Updated help() function with version information 6 | 7 | **3/23/21 - Version 0.2.0** 8 | 9 | * Added new function: putData(server, endpoint, token, data) 10 | * Updated help() function with putData documentation 11 | 12 | **3/22/21 - Version 0.1.0** 13 | **Important Implementation Note!** 14 | While I do not expect to make breaking changes such as renaming functions or re-ordering their arguments, until I have more fully built out this library those breaking changes are possible. If a breaking change is ever made during this period, it will be called out in the release notes. A major feature of version **1.0.0** will be a style guide to prevent any breaking changes going forward. 15 | 16 | **Initial release** 17 | Available functions: 18 | 19 | * help() 20 | * getToken(server, username, password) 21 | * getData(server, endpoint, token, query_parameters) 22 | * getDataFormatted(server, endpoint, token, query_parameters) 23 | * postData(server, endpoint, token, data) -------------------------------------------------------------------------------- /JamfProAPI/iMatthewCM Python Library/demo.py: -------------------------------------------------------------------------------- 1 | import iMatthewCM 2 | import creds 3 | #creds is just a file that has some variables set, to take them out of this script 4 | 5 | 6 | #Print documentation for iMatthewCM library 7 | iMatthewCM.help() 8 | 9 | #Obtain an authorization token 10 | token = iMatthewCM.getToken(creds.server, creds.username, creds.password) 11 | 12 | #Define query parameters for our GET 13 | query_params = {'section': ['GENERAL', 'OPERATING_SYSTEM', 'APPLICATIONS'],'page-size':'2000'} 14 | 15 | #Perform our API call 16 | computers = iMatthewCM.getData(creds.server, '/api/v1/computers-inventory', token, query_params) 17 | 18 | #For each returned computer, print the OS version and number of installed applictions 19 | for computer in computers['results']: 20 | print(f'Information for "{computer["general"]["name"]}"') 21 | print(f'macOS {computer["operatingSystem"]["version"]}') 22 | print(f'{len(computer["applications"])} installed applications') 23 | print() 24 | -------------------------------------------------------------------------------- /JamfProAPI/iMatthewCM Python Library/iMatthewCM.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | import requests 3 | import json 4 | 5 | 6 | def getToken(server: str, username: str, password: str): 7 | token = requests.post(server + '/api/v1/auth/token', auth=(username, password)).json()['token'] 8 | return token 9 | 10 | 11 | def getData(server: str, endpoint: str, token: str, query_parameters: str): 12 | headers = {'Authorization': "Bearer " + token} 13 | response = requests.get(server + endpoint, params=query_parameters, headers=headers) 14 | return response.json() 15 | 16 | 17 | def getDataFormatted(server: str, endpoint: str, token: str, query_parameters: str): 18 | headers = {'Authorization': "Bearer " + token} 19 | response = requests.get(server + endpoint, params=query_parameters, headers=headers) 20 | return json.dumps(response.json(),indent=2) 21 | 22 | 23 | def postData(server: str, endpoint: str, token: str, data: str): 24 | headers = {'Authorization': "Bearer " + token, 'Content-Type': 'application/json'} 25 | response = requests.post(server + endpoint, headers=headers, data=json.dumps(data)) 26 | return response.status_code,response.json() 27 | 28 | 29 | def putData(server: str, endpoint: str, token: str, data: str): 30 | headers = {'Authorization': "Bearer " + token, 'Content-Type': 'application/json'} 31 | response = requests.put(server + endpoint, headers=headers, data=json.dumps(data)) 32 | return response.status_code,response.json() 33 | 34 | 35 | def help(): 36 | print(''' 37 | iMatthewCM Python Library 38 | (c) 2021 39 | Version 0.2.1 40 | https://github.com/iMatthewCM/Jamf-Scripts/ 41 | 42 | getToken(server, username, password) 43 | Purpose: obtain an authorization token for the Jamf Pro API 44 | Returns: String 45 | Usage: token = iMatthewCM.getToken('https://JAMF_PRO_URL', 'myUsername', 'myPassword') 46 | 47 | getData(server, endpoint, token, query_parameters) 48 | Purpose: perform a GET operation on any given endpoint 49 | Returns: Raw JSON 50 | Usage: computer_data = iMatthewCM.getData('https://JAMF_PRO_URL', '/api/v1/computers-inventory', token, query_parameters) 51 | Notes: query_parameters can be left empty, but still needs to be passed as an argument. Just pass "" in place of a value. 52 | For more complicated parameters, save them to a variable beforehand and pass the entire variable 53 | Example: query_parameters = {'section': ['GENERAL'], 'page-size':'2000'} 54 | 55 | getDataFormatted(server, endpoint, token, query_parameters) 56 | Purpose: perform a GET operation on any given endpoint 57 | Returns: Formatted JSON 58 | Usage: computer_data = iMatthewCM.getData('https://JAMF_PRO_URL', '/api/v1/computers-inventory', token, query_parameters) 59 | Notes: If you plan to do anything with the data other than look at it, you probably want getData() instead of this function. 60 | query_parameters can be left empty, but still needs to be passed as an argument. Just pass "" in place of a value. 61 | For more complicated parameters, save them to a variable beforehand and pass the entire variable 62 | Example: query_parameters = {'section': ['GENERAL'], 'page-size':'2000'} 63 | 64 | postData(server, endpoint, token, data) 65 | Purpose: perform a POST operation on any given endpoint 66 | Returns: HTTP response code and JSON response body 67 | Usage: response = iMatthewCM.postData('https://JAMF_PRO_URL', '/api/v1/buildings', token, data) 68 | Notes: The data parameter is expecting formatted JSON. Create your data in a variable, and pass the variable to the function. 69 | Example: 70 | data = { 71 | "name": "A New Building", 72 | "country": "USA" 73 | } 74 | 75 | putData(server, endpoint, token, data) 76 | Purpose: perform a PUT operation on any given endpoint 77 | Returns: HTTP response code and JSON response body 78 | Usage: response = iMatthewCM.putData('https://JAMF_PRO_URL', '/api/v1/buildings/10', token, data) 79 | Notes: The data parameter is expecting formatted JSON. Create your data in a variable, and pass the variable to the function. 80 | Example: 81 | data = { 82 | "name": "A Building Name to Change" 83 | } 84 | ''') -------------------------------------------------------------------------------- /JamfProAPI/tokenGenerator.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ############################################# 4 | # Created by iMatthewCM on 11/18/2019 # 5 | ################################################################################################# 6 | # This script is not an official product of Jamf Software LLC. As such, it is provided without # 7 | # warranty or support. By using this script, you agree that Jamf Software LLC is under no # 8 | # obligation to support, debug, or otherwise maintain this script. Licensed under MIT. # 9 | # # 10 | # NAME: tokenGenerator.sh # 11 | # DESCRIPTION: Generates a token for use with the Jamf Pro API # 12 | # # 13 | # NOTES: This script will run in either fill or prompt mode. To run in fill mode, add values to # 14 | # the jamfProURL, jamfProUSER, and jamfProPASS variables. To run in prompt mode, any variables # 15 | # left blank will prompt the user for values. # 16 | ################################################################################################# 17 | 18 | #It's OK to leave these variables empty! The script will prompt for any empty fields. 19 | 20 | #Do NOT use a trailing / character! 21 | #Include ports as necessary 22 | jamfProURL="" 23 | 24 | #Jamf Pro User Account Username 25 | jamfProUSER="" 26 | 27 | #Jamf Pro User Account Password 28 | jamfProPASS="" 29 | 30 | if [[ "$jamfProURL" == "" ]]; then 31 | echo "Please enter your Jamf Pro URL" 32 | echo "Do not include a trailing /" 33 | echo "Example: https://myjss.jamfcloud.com" 34 | read jamfProURL 35 | echo "" 36 | fi 37 | 38 | if [[ "$jamfProUSER" == "" ]]; then 39 | echo "Please enter your Jamf Pro username" 40 | read jamfProUSER 41 | echo "" 42 | fi 43 | 44 | if [[ "$jamfProPASS" == "" ]]; then 45 | echo "Please enter the password for $jamfProUSER's account" 46 | read -s jamfProPASS 47 | echo "" 48 | fi 49 | 50 | #Get the token 51 | token=$(curl -ksu "$jamfProUSER":"$jamfProPASS" "$jamfProURL"/uapi/auth/tokens -X POST) 52 | 53 | #Documenting this line because it's terrible 54 | #Awking for the line in the response that contains the word "token", and grabbing the last column of that response with $NF 55 | #Then passing the remainging output to cut, where it is cutting the string down so that it starts on the 2nd character (hence the 2) 56 | #Then passing that output to rev, which flips the string backwards so that we can... 57 | #Pass it back to cut, this time cutting it down so it starts on the 3rd character, hence the 3. But this is actually the end of the string, so we're cutting off the last 2 bits essentially 58 | #Then passing it back to rev to put in the proper order 59 | token=$(echo "$token" | awk '/token/{print $NF}' | cut -c 2- | rev | cut -c 3- | rev) 60 | 61 | #Output 62 | echo "Here's your Jamf Pro API token:" 63 | echo "$token" 64 | echo "" 65 | echo "Tokens expire 30 minutes after they are created" -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2017 iMatthewCM 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Welcome 2 | 3 | This is a collection of Scripts used to extend the functionality of Jamf Pro’s management capabilities. 4 | 5 | These Scripts are **not official Jamf products** and are provided without warranty. Do **not** contact Jamf Support to ask for help using these Scripts as scripting is ***unsupported*** except as a paid engagement with Professional Services. 6 | 7 | There are four categories of Scripts on this GitHub: API Scripts, macOS Scripts, Extension Attributes, and Snippets. Each category is in a directory named the same, and there is a README inside each directory detailing its contents. 8 | 9 | ***API Scripts*** can be run on anything that can run Bash. They do not need to be deployed to computers enrolled in Jamf Pro. 10 | 11 | ***macOS Scripts*** are written to be deployed via a Jamf Pro Policy to a macOS device. 12 | 13 | ***Extension Attributes*** are used to collect additional Inventory information for computers enrolled in Jamf Pro. 14 | 15 | ***Snippets*** are little pieces of code that might be useful to integrate into other projects. By themselves, they're usually pretty pointless. 16 | -------------------------------------------------------------------------------- /Resources/EFIgy.pkg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/iMatthewCM/Jamf-Scripts/f69c6331d4ea504c947269308567fa2087aab9ae/Resources/EFIgy.pkg -------------------------------------------------------------------------------- /Resources/README.md: -------------------------------------------------------------------------------- 1 | # Resources 2 | 3 | Some Resource will utilize code not written by me. In those situations, the original source will be linked here. 4 | 5 | ### EFIgy.pkg 6 | Contents: 7 | 8 | * EFIgyLite_cli.py 9 | * cacert.pem 10 | 11 | Both files are from Duo's GitHub page for EFIgy: [https://github.com/duo-labs/EFIgy](https://github.com/duo-labs/EFIgy) 12 | 13 | [EFIgy License](https://github.com/duo-labs/EFIgy/blob/master/LICENSE) -------------------------------------------------------------------------------- /Snippets/CurrentlyLoggedInUser.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # CurrentlyLoggedInUser.sh - Gets the Full Name of the currently logged in user 17 | # 18 | # DESCRIPTION 19 | # 20 | # Utilizes the dscl binary to read the RealName variable of the currently logged in user, 21 | # which is passed from a variable that contains the username 22 | # 23 | # REQUIREMENTS 24 | # 25 | # None 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.1 32 | # 33 | # Release Notes: 34 | # - Added variable to change between standard formatting and last name, first name formatting 35 | # 36 | # - Created by Matthew Mitchell on Jan 16, 2017 37 | # - Updated by Matthew Mitchell on Jan 16, 2017 38 | # 39 | #################################################################################################### 40 | # 41 | # DEFINE VARIABLES & READ IN PARAMETERS 42 | # 43 | #################################################################################################### 44 | 45 | #Set formatting 46 | #YES will result in First Name Last Name (Does not contain a comma) 47 | #NO will result in Last Name, First Name (Contains a comma) 48 | standardnaming=NO 49 | 50 | #################################################################################################### 51 | # 52 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 53 | # 54 | #################################################################################################### 55 | 56 | username="$(stat -f%Su /dev/console)" 57 | firstname="$(dscl . -read /Users/$username RealName | cut -d: -f2 | sed -e 's/^[ \t]*//' | grep -v "^$" | cut -d\ -f1)" 58 | lastname="$(dscl . -read /Users/$username RealName | cut -d: -f2 | sed -e 's/^[ \t]*//' | grep -v "^$" | cut -d\ -f2)" 59 | 60 | if [ $standardnaming == "YES" ]; then 61 | realname="$(echo $firstname $lastname)" 62 | else 63 | realname="$(echo $lastname, $firstname)" 64 | fi 65 | 66 | echo "$realname" 67 | -------------------------------------------------------------------------------- /Snippets/README.md: -------------------------------------------------------------------------------- 1 | # Snippets -------------------------------------------------------------------------------- /Workflows/Install Python 3 on Mac.sh: -------------------------------------------------------------------------------- 1 | #Installing Python 3 on a Mac using Homebrew 2 | # 3 | # IMPORTANT NOTE! 4 | # These commands are NOT my work! Check out 5 | # https://opensource.com/article/19/5/python-3-default-mac 6 | # for more information on this workflow! 7 | # 8 | # This file should only be considered as the cliffnotes of 9 | # Matthew Broberg and Moshe Zadka's work! 10 | 11 | #Get Homebrew: 12 | /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" 13 | 14 | #Update Homebrew: 15 | brew update 16 | 17 | #Install Pyenv: 18 | brew install pyenv 19 | 20 | #Get available Python versions to install: 21 | pyenv install --list 22 | #Grab the latest version towards the top of the output...above the anaconda and activepython listings 23 | 24 | #Install Python with Pyenv: 25 | pyenv install 3.9.2 26 | 27 | #Set our installed Python version as our global default: 28 | pyenv global 3.9.2 29 | 30 | #Verify it is set 31 | pyenv version 32 | 33 | #Throw this statement into your bash or zsh profile: 34 | if command -v pyenv 1>/dev/null 2>&1; then 35 | eval "$(pyenv init -)" 36 | fi 37 | 38 | #Reload your bash or zsh profile 39 | 40 | #Check to see that macOS is now using Python 3 41 | python --version 42 | 43 | #Install requests via pip 44 | pip install requests -------------------------------------------------------------------------------- /Workflows/Verifying macOS Firmware with EFIgy.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/iMatthewCM/Jamf-Scripts/f69c6331d4ea504c947269308567fa2087aab9ae/Workflows/Verifying macOS Firmware with EFIgy.pdf -------------------------------------------------------------------------------- /Workflows/Warranty Reporting.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/iMatthewCM/Jamf-Scripts/f69c6331d4ea504c947269308567fa2087aab9ae/Workflows/Warranty Reporting.pdf -------------------------------------------------------------------------------- /macOS/README.md: -------------------------------------------------------------------------------- 1 | # macOS Scripts -------------------------------------------------------------------------------- /macOS/addManagementAccountFV2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # addManagementAccountFV2.sh - Adds the Management Account to an already-encrypted FileVault 2 setup 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will prompt the logged-in user for their password, and then add the Management Account to the 21 | # users allowed to unlock the disk. A reboot will be required after the script has run. 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script will need to be run by a user ALREADY enabled for FileVault 2, and the script also needs 26 | # to be configured in the JSS Policy to use Script Parameters. See DEFINE VARIABLES & READ IN PARAMETERS 27 | # for insight on what to set these parameters to. Additionally, this script will only validate 28 | # a password for a local user. LDAP validation will fail. 29 | # 30 | #################################################################################################### 31 | # 32 | # HISTORY 33 | # 34 | # Version: 1.1 35 | # 36 | # Release Notes: 37 | # - Added password validation and a maximum attempt limit 38 | # 39 | # - Created by Matthew Mitchell on March 24, 2017 40 | # - Updated by Matthew Mitchell on June 16, 2017 (v1.1) 41 | # 42 | #################################################################################################### 43 | # 44 | # DEFINE VARIABLES & READ IN PARAMETERS 45 | # 46 | #################################################################################################### 47 | 48 | #Management Account Username 49 | mgmtUser="$4" 50 | 51 | #Management Account Password 52 | mgmtPass="$5" 53 | 54 | #################################################################################################### 55 | # 56 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 57 | # 58 | #################################################################################################### 59 | 60 | ## Get the logged in user's name 61 | userName=$(/usr/bin/stat -f%Su /dev/console) 62 | 63 | for ((i=0; i<3;i++)); 64 | 65 | do 66 | 67 | userPass="$(/usr/bin/osascript -e 'Tell application "System Events" to display dialog "Please enter your login password so that your IT department can add administrative access to the FileVault 2 encryption on this machine:" default answer "" with title "Login Password" with text buttons {"Ok"} default button 1 with hidden answer' -e 'text returned of result')" 68 | 69 | authAttempt=$(dscl /Local/Default -authonly "$userName" "$userPass") 70 | 71 | if [ "$authAttempt" == "" ]; then 72 | i=3 73 | 74 | plist=" 75 | 76 | 77 | 78 | Username 79 | $userName 80 | Password 81 | $userPass 82 | AdditionalUsers 83 | 84 | 85 | Username 86 | $mgmtUser 87 | Password 88 | $mgmtPass 89 | 90 | 91 | 92 | " 93 | 94 | echo $plist > /tmp/fv.plist 95 | 96 | sudo fdesetup add -inputplist -verbose < /tmp/fv.plist 97 | 98 | sudo rm /tmp/fv.plist 99 | 100 | elif [ $i != 2 ]; then 101 | /usr/bin/osascript -e 'Tell application "System Events" to display dialog "Something went wrong, try entering your password again..." buttons {"Try Again"} default button 1' 102 | else 103 | /usr/bin/osascript -e 'Tell application "System Events" to display dialog "Too may failed attempts...exiting..." buttons {"OK"} default button 1' 104 | fi 105 | 106 | done 107 | -------------------------------------------------------------------------------- /macOS/configureAppUpdate.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | #################################################################################################### 8 | # 9 | # ABOUT THIS PROGRAM 10 | # 11 | # NAME 12 | # configureAppUpdate.sh - Configures Automatic App Update settings for macOS through Apple API 13 | # 14 | # DESCRIPTION 15 | # 16 | # This script can configure the settings in the App Store preference pane according to how the 17 | # IT Admin wants the settings to appear. The description before each variable below references 18 | # the exact text of the checkbox it is modifying. Valid input is given in the description for 19 | # each setting. Deploy this script in a Policy to each machine you'd like to have these settings. 20 | # 21 | #################################################################################################### 22 | # 23 | # HISTORY 24 | # 25 | # Version: 1.1 26 | # 27 | # Release Notes: 28 | # - Implemented workaround for macOS bug that requires CriticalUpdateInstall and ConfigDataInstall 29 | # to be set to the same value. 30 | # 31 | # - Created by Matthew Mitchell on December 2, 2016 32 | # - Updated by Matthew Mitchell on December 3, 2016 33 | # 34 | #################################################################################################### 35 | # 36 | # DEFINE VARIABLES & READ IN PARAMETERS 37 | # 38 | #################################################################################################### 39 | 40 | #Popup notifying updates are available (OFF / ON) 41 | #Suggestion: Keep this OFF 42 | notifyme=OFF 43 | 44 | #Automatically check for updates (YES / NO) 45 | autoupdates=YES 46 | 47 | #Download newly available updates in the background (YES / NO) 48 | background=YES 49 | 50 | #Install app updates (YES / NO) 51 | appupdate=YES 52 | 53 | #Install macOS updates (YES / NO) 54 | macupdate=YES 55 | 56 | #Install system data files and security updates (YES / NO) 57 | critupdate=YES 58 | 59 | #################################################################################################### 60 | # 61 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 62 | # 63 | #################################################################################################### 64 | 65 | osascript -e "tell application \"System Preferences\" to quit" 66 | 67 | sudo softwareupdate --schedule $notifyme 68 | 69 | sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate.plist AutomaticCheckEnabled -bool $autoupdates 70 | 71 | sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate.plist AutomaticDownload -bool $background 72 | 73 | sudo defaults write /Library/Preferences/com.apple.commerce.plist AutoUpdate -bool $appupdate 74 | 75 | sudo defaults write /Library/Preferences/com.apple.commerce.plist AutoUpdateRestartRequired -bool $macupdate 76 | 77 | sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate.plist CriticalUpdateInstall -bool $critupdate 78 | 79 | #There appears to be a bug in macOS Sierra that requires ConfigDataInstall to be set the same as CriticalUpdateInstall 80 | sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate.plist ConfigDataInstall -bool $critupdate 81 | -------------------------------------------------------------------------------- /macOS/disableMenubarWifi.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # disableMenubarWifi.sh - Removes the WiFi Icon from the Menu Bar 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script moves the AirPort.menu file out of the directory macOS is expecting, then restarts 21 | # the Menu Bar. The system can no longer find the icon, and therefore can't display it. 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script will only run on a computer running any release of macOS 10.9 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.0 32 | # 33 | # Release Notes: 34 | # - Initial release 35 | # 36 | # - Created by Matthew Mitchell on March 3, 2017 37 | # 38 | #################################################################################################### 39 | # 40 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 41 | # 42 | #################################################################################################### 43 | 44 | macOSversion="$(sw_vers -productVersion)" 45 | 46 | function removeIcon { 47 | sudo mkdir /System/Library/CoreServices/Menu\ Extras/hidden_items 48 | sudo mv /System/Library/CoreServices/Menu\ Extras/AirPort.menu /System/Library/CoreServices/Menu\ Extras/hidden_items 49 | sudo killall SystemUIServer 50 | exit 51 | } 52 | 53 | if [[ $macOSversion == *"10.9"* ]]; then 54 | removeIcon 55 | else 56 | echo "$macOSversion not supported, exiting..." 57 | exit 58 | fi 59 | -------------------------------------------------------------------------------- /macOS/displayNotification.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # displayNotification.sh - Displays a macOS Notification 17 | # 18 | # DESCRIPTION 19 | # 20 | # Displays a notification which will appear on screen as well as in Notification Center 21 | # 22 | #################################################################################################### 23 | # 24 | # HISTORY 25 | # 26 | # Version: 1.1 27 | # 28 | # Release Notes: 29 | # - Added variables for easy customization 30 | # 31 | # - Created by Matthew Mitchell on August 29, 2016 32 | # - Updated by Matthew Mitchell on February 13, 2017 (Version 1.1) 33 | # 34 | #################################################################################################### 35 | # 36 | # DEFINE VARIABLES & READ IN PARAMETERS 37 | # 38 | #################################################################################################### 39 | 40 | #Notification Title 41 | #This is the bold text that will appear at the top of the notification 42 | #You MUST maintain the double quotes around the title. 43 | title="This is the title of the notification!" 44 | 45 | #Notification Message 46 | #This is the body of text you want to appear 47 | #You MUST maintain the double quotes around the message. 48 | message="This is the message I want my users to see." 49 | 50 | #################################################################################################### 51 | # 52 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 53 | # 54 | #################################################################################################### 55 | 56 | osascript -e "display notification \"$message\" with title \"$title\"" -------------------------------------------------------------------------------- /macOS/enableManagementAndLocalFV2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # enableManagementAndLocalFV2.sh - Enables FV2 on a computer that is not already encrypted 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will prompt for the current logged in user's password, and will then enable 21 | # that user and the management account for FileVault 2, and encrypt the drive. 22 | # 23 | # REQUIREMENTS 24 | # 25 | # The mgmtUser and mgmtPass variables need to be configured as Parameters 4 and 5, respectively, in the JSS 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.1 32 | # 33 | # Release Notes: 34 | # - Added password authentication 35 | # 36 | # - Created by Matthew Mitchell on March 24, 2017 37 | # - Updated by Matthew Mitchell on July 13, 2017 v1.1 38 | # 39 | #################################################################################################### 40 | # 41 | # DEFINE VARIABLES & READ IN PARAMETERS 42 | # 43 | #################################################################################################### 44 | 45 | #Management Account Username 46 | mgmtUser="$4" 47 | 48 | #Management Account Password 49 | mgmtPass="$5" 50 | 51 | 52 | #################################################################################################### 53 | # 54 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 55 | # 56 | #################################################################################################### 57 | 58 | ## Get the logged in user's name 59 | userName=$(/usr/bin/stat -f%Su /dev/console) 60 | 61 | for ((i=0; i<3;i++)); 62 | 63 | do 64 | 65 | userPass="$(/usr/bin/osascript -e 'Tell application "System Events" to display dialog "Please enter your login password so that your IT department can configure FileVault 2 encryption on this machine:" default answer "" with title "Login Password" with text buttons {"Ok"} default button 1 with hidden answer' -e 'text returned of result')" 66 | 67 | authAttempt=$(dscl /Local/Default -authonly "$userName" "$userPass") 68 | 69 | if [ "$authAttempt" == "" ]; then 70 | i=3 71 | 72 | plist=" 73 | 74 | 75 | 76 | Username 77 | $mgmtUser 78 | Password 79 | $mgmtPass 80 | AdditionalUsers 81 | 82 | 83 | Username 84 | $userName 85 | Password 86 | $userPass 87 | 88 | 89 | 90 | " 91 | 92 | echo $plist > /tmp/fv.plist 93 | 94 | sudo fdesetup enable -inputplist < /tmp/fv.plist 95 | 96 | sudo rm /tmp/fv.plist 97 | 98 | elif [ $i != 2 ]; then 99 | /usr/bin/osascript -e 'Tell application "System Events" to display dialog "Something went wrong, try entering your password again..." buttons {"Try Again"} default button 1' 100 | else 101 | /usr/bin/osascript -e 'Tell application "System Events" to display dialog "Too may failed attempts...exiting..." buttons {"OK"} default button 1' 102 | fi 103 | 104 | done 105 | 106 | -------------------------------------------------------------------------------- /macOS/getWarrantyInformation.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # getWarrantyInformation.sh - Gets the estimated Warranty Expiration for a Mac 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script utilizes getwarranty.py, sourced from https://github.com/pudquick/pyMacWarranty/blob/master/getwarranty.py 21 | # 22 | # The script will get the serial number of the computer it's being run on, call the getwarranty.py script, and then 23 | # send the Warranty Expiration date to Jamf Pro using the API 24 | # 25 | # REQUIREMENTS 26 | # 27 | # A comprehensive walkthrough for properly configuring this script is available: 28 | # https://github.com/iMatthewCM/Jamf-Scripts/blob/master/Workflows/Warranty%20Reporting.pdf 29 | # 30 | #################################################################################################### 31 | # 32 | # HISTORY 33 | # 34 | # Version: 2.0 35 | # 36 | # Release Notes: 37 | # - Updated with credential encryption, better text parsing, and documentation parity 38 | # 39 | # - Created by Matthew Mitchell on May 23, 2018 40 | # - Updated by Matthew Mitchell on August 26, 2019 41 | # 42 | #################################################################################################### 43 | # 44 | # ENCRYPTED CREDENTIALS CONFIGURATION 45 | # 46 | #################################################################################################### 47 | 48 | #Follow the steps in the "Setting up Encrypted Credentials" section of the documentation to configure the following: 49 | 50 | #Enter the SALT value: 51 | SALT="enter value here" 52 | 53 | #Enter the PASSPHRASE value: 54 | PASSPHRASE="enter value here" 55 | 56 | #################################################################################################### 57 | # 58 | # DEFINE VARIABLES 59 | # 60 | #################################################################################################### 61 | 62 | #Follow the steps in the "Modifying Script Variables" section of the documentation to configure the following: 63 | 64 | #Enter your Jamf Pro URL - include any necessary ports but do NOT include a trailing / 65 | #On-Prem Example: https://myjss.com:8443" 66 | #Jamf Cloud Example: https://myjss.jamfcloud.com" 67 | JAMF_PRO_URL="https://myjss.jamfcloud.com" 68 | 69 | #Username for the API call 70 | #This user only needs permissions to UPDATE Computer and User objects, and should be entered here in clear text 71 | API_USERNAME="warrantyAPIuser" 72 | 73 | #The Jamf Pro Object ID of the EA we're going to update 74 | #You can get this from clicking into the EA in the GUI and checking the URL 75 | #There will be a section that says id=X - write in the value for X here: 76 | WARRANTY_EA_ID=4 77 | 78 | #This is the display name for the EA - write this exactly as it appears in Jamf Pro 79 | #Capitalization matters, and make sure to keep the quotes around it as seen in the example 80 | WARRANTY_EA_NAME="AppleCare Warranty Expiration Date" 81 | 82 | #################################################################################################### 83 | # 84 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 85 | # 86 | #################################################################################################### 87 | 88 | #Get the Serial Number for the computer 89 | serial=$(system_profiler SPHardwareDataType | grep Serial | awk '{print $NF}') 90 | 91 | #Run the script 92 | output=$(python /tmp/getwarranty.py) 93 | 94 | #Cut to the part of the output that we need 95 | output=$(echo $output | cut -d ':' -f5 | awk '{print $1}') 96 | 97 | #Tack on a timestamp for 11:59pm to format the value as a date 98 | output+=" 23:59:59" 99 | 100 | 101 | 102 | #Make the API call 103 | curl -H "Content-Type: text/xml" -d "$WARRANTY_EA_ID$WARRANTY_EA_NAMEDate$output" -ksu "$API_USERNAME":"$API_PASSWORD" "$JAMF_PRO_URL/JSSResource/computers/serialnumber/$serial/subset/extensionattributes" -X PUT 104 | 105 | #Remove the script, we don't need it anymore 106 | rm /tmp/getwarranty.py -------------------------------------------------------------------------------- /macOS/lockDock.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # lockDock.sh - Allows locking various aspects of the Dock 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script can lock the dock contents (and their position), the location of the dock on screen, 21 | # and the size of the dock. 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script simply needs to be deployed via Policy, or run locally on a machine. 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.0 32 | # 33 | # Release Notes: 34 | # - Initial release 35 | # 36 | # - Created by Matthew Mitchell on April 29, 2017 37 | # 38 | #################################################################################################### 39 | # 40 | # DEFINE VARIABLES & READ IN PARAMETERS 41 | # 42 | #################################################################################################### 43 | 44 | #To Prevent Changing or Rearranging Apps, set this to yes 45 | preventChangingApps=yes 46 | 47 | #To Prevent Changing the Location of the Dock, set this to yes 48 | preventChangingLocation=yes 49 | 50 | #To Prevent Changing the Size of the Dock, set this to yes 51 | preventChangingSize=yes 52 | 53 | #################################################################################################### 54 | # 55 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 56 | # 57 | #################################################################################################### 58 | 59 | user=`ls -l /dev/console | awk '/ / { print $3 }'` 60 | sudo -u $user defaults write com.apple.Dock contents-immutable -bool $preventChangingApps 61 | sudo -u $user defaults write com.apple.Dock position-immutable -bool $preventChangingLocation 62 | sudo -u $user defaults write com.apple.Dock size-immutable -bool $preventChangingSize 63 | sudo killall Dock -------------------------------------------------------------------------------- /macOS/macOSCreateAdminUser.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # macOSCreateAdminUser.sh - Configures an Admin Account for a single macOS computer 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will configure a local Administrator account for macOS devices 21 | # 22 | #################################################################################################### 23 | # 24 | # HISTORY 25 | # 26 | # Version: 1.2 27 | # 28 | # Release Notes: 29 | # - Fixed an error in the confirmation message output 30 | # 31 | # Created by Matthew Mitchell on February 7, 2017 32 | # - Updated by Matthew Mitchell on February 8, 2017 (Version 1.1) 33 | # - Updated by Matthew Mitchell on January 17, 2018 (Version 1.2) 34 | # 35 | #################################################################################################### 36 | # 37 | # DEFINE VARIABLES & READ IN PARAMETERS 38 | # 39 | #################################################################################################### 40 | 41 | #Create Accounts as HIDDEN? (YES/NO) 42 | #Changing this to YES will mean the account will never be available to click on via the Login screen 43 | #You will need to manually type in the username and password 44 | hidden=NO 45 | 46 | #Account Username 47 | macOSuser=jamfadmin 48 | 49 | #Account Password 50 | #You must maintain the single quotes around this password 51 | macOSpass='jamf1234' 52 | 53 | #Account Full Name 54 | #You must maintain the single quotes around this name 55 | macOSfullname='Jamf Administrator' 56 | 57 | #User Home Folder Location 58 | #Do not use a trailing / 59 | macOShome='/Users' 60 | 61 | #Account Unique ID 62 | #If you have never run this script before, leave this as 9509...it's very unlikely you've got 63 | #a UID this high already. 64 | macOSuid=9509 65 | 66 | #################################################################################################### 67 | # 68 | # SCRIPT CONTENTS - DO NOT MODIFY ANYTHING BELOW THIS LINE!!!! 69 | # CREATING ACCOUNTS MUST BE DONE IN A PARTICULAR WAY, SO, REALLY, DON'T MODIFY ANYTHING!!! 70 | # 71 | #################################################################################################### 72 | 73 | #Hidden String 74 | hstring=HIDDEN 75 | 76 | #Hidden Account Variable Processing 77 | if [ $hidden == "YES" ]; then 78 | hidden=1 79 | else 80 | hidden=0 81 | hstring=UN-HIDDEN 82 | fi 83 | 84 | #Show information and continue 85 | echo " 86 | This script will create the following $hstring accounts: 87 | 88 | Account Username......... $macOSuser 89 | Account Password......... $macOSpass 90 | Account Full Name........ $macOSfullname 91 | Account Unique ID........ $macOSuid 92 | Account Home Directory... $macOShome/$macOSuser 93 | 94 | Please make a note of this information. 95 | 96 | When this script is finished, your computer will RESTART AUTOMATICALLY. 97 | " 98 | 99 | #Admin User Creation 100 | 101 | sudo dscl . -create /Users/$macOSuser 102 | 103 | sudo dscl . -create /Users/$macOSuser UserShell /bin/bash 104 | 105 | sudo dscl . -create /Users/$macOSuser RealName "$macOSfullname" 106 | 107 | sudo dscl . -create /Users/$macOSuser UniqueID $macOSuid 108 | 109 | sudo dscl . -create /Users/$macOSuser PrimaryGroupID 1000 110 | 111 | sudo dscl . -create /Users/$macOSuser NFSHomeDirectory $macOShome/$macOSuser 112 | 113 | sudo dscl . -passwd /Users/$macOSuser $macOSpass 114 | 115 | sudo dscl . -append /Groups/admin GroupMembership $macOSuser 116 | 117 | sudo dscl . -create /Users/$macOSuser IsHidden $hidden 118 | 119 | echo "Done, rebooting..." 120 | 121 | sleep 2 122 | 123 | sudo shutdown -r now -------------------------------------------------------------------------------- /macOS/secureTokenUsers.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # secureTokenUsers.sh - Lists ALL Users on a Mac and their SecureToken status 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script uses the dscl binary to list out all Users on a Mac, and then the sysadminctl 21 | # binary to check the SecureToken status for each user 22 | # 23 | # REQUIREMENTS 24 | # 25 | # Run this script locally on a machine 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.0 32 | # 33 | # Release Notes: 34 | # - Initial release 35 | # 36 | # - Created by Matthew Mitchell on June 7, 2018 37 | # 38 | #################################################################################################### 39 | # 40 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 41 | # 42 | #################################################################################################### 43 | 44 | #Get the list of users and write it out to /tmp 45 | #Couldn't get the array to read properly without writing it out 46 | echo $(dscl . list /Users) > /tmp/users.txt 47 | 48 | #Read CSV into array 49 | IFS=$' ' read -d '' -r -a usernames < /tmp/users.txt 50 | 51 | #Delete the file, we don't need it anymore 52 | rm /tmp/users.txt 53 | 54 | #Get the length of the array 55 | length=${#usernames[@]} 56 | 57 | #For each entry in the array 58 | for ((i=0; i<$length; i++)); 59 | do 60 | #Check the SecureToken status 61 | sysadminctl -secureTokenStatus ${usernames[$i]} 62 | done 63 | -------------------------------------------------------------------------------- /macOS/setComputerNameToSerial.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # setComputerNameToSerial.sh - Sets a Mac's name to its Serial Number 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script grabs the Serial Number for the computer, parses the output, and assigns the Serial Number 21 | # as the new Computer Name. Then a jamf recon is run to reflect this change in the JSS immediately. 22 | # 23 | #################################################################################################### 24 | # 25 | # HISTORY 26 | # 27 | # Version: 1.3 28 | # 29 | # Release Notes: 30 | # - No more grep to awk! Who hired that guy? 31 | # 32 | # - Created by Matthew Mitchell on March 10, 2017 33 | # - Updated by Matthew Mitchell on August 1, 2017 v1.1 34 | # - Updated by Matthew Mitchell on June 7, 2018 v1.2 35 | # - Updated by Matthew Mitchell on October 4, 2018 v1.3 36 | # 37 | #################################################################################################### 38 | # 39 | # DEFINE VARIABLES & READ IN PARAMETERS 40 | # 41 | #################################################################################################### 42 | 43 | #Leave this blank to just set the name to the serial number 44 | #Do not include a hyphen at the end, one will be added automatically 45 | prefix="" 46 | 47 | #################################################################################################### 48 | # 49 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 50 | # 51 | #################################################################################################### 52 | 53 | #Get the Serial Number for the computer 54 | serialNumber=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}') 55 | 56 | #Check and see if we're using a Prefix 57 | if [[ "$prefix" != "" ]]; then 58 | newName="$prefix-$serialNumber" 59 | else 60 | newName=$serialNumber 61 | fi 62 | 63 | #Set Computer name to the output 64 | /usr/sbin/scutil --set ComputerName $newName 65 | /usr/sbin/scutil --set HostName $newName 66 | /usr/sbin/scutil --set LocalHostName $newName 67 | 68 | #Update Inventory to reflect the new name 69 | sudo jamf recon -------------------------------------------------------------------------------- /macOS/setupCasperShareUsers.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | #################################################################################################### 8 | # 9 | # ABOUT THIS PROGRAM 10 | # 11 | # NAME 12 | # setupCasperShareUsers.sh - Configures Accounts to use with a File Share Distribution Point 13 | # 14 | # DESCRIPTION 15 | # 16 | # This script will configure the accounts (and appropriate settings) that are required for 17 | # setting up a File Share Distribution Point to use with the JSS. 18 | # 19 | #################################################################################################### 20 | # 21 | # HISTORY 22 | # 23 | # Version: 1.2 24 | # 25 | # Release Notes: 26 | # - Fixed a bug where Full Names weren't getting written properly 27 | # 28 | # Created by Matthew Mitchell on August 24, 2016 29 | # Updated by Matthew Mitchell on December 3, 2016 (Version 1.1) 30 | # Updated by Matthew Mitchell on February 7, 2017 (Version 1.2) 31 | # 32 | #################################################################################################### 33 | # 34 | # DEFINE VARIABLES & READ IN PARAMETERS 35 | # 36 | #################################################################################################### 37 | 38 | #Create Accounts as HIDDEN? (YES/NO) 39 | #There usually isn't a reason to have these accounts un-hidden 40 | hidden=YES 41 | 42 | #Read/Write Account Username 43 | rwuser=casperadmin 44 | 45 | #Read/Write Account Password 46 | rwpass=jamf1234 47 | 48 | #Read/Write Account Full Name 49 | #You must maintain the single quotes around this name 50 | rwname='CasperAdmin' 51 | 52 | #Read/Write Account Unique ID 53 | #The Read Account Unique ID will be automatically set to 1 higher 54 | #If you have never run this script before, leave this as 9509 55 | rwid=9509 56 | 57 | 58 | #Read Account Username 59 | ruser=casperinstall 60 | 61 | #Read Account Password 62 | rpass=jamf1234 63 | 64 | #Read Account Full Name 65 | #You must maintain the single quotes around this name 66 | rname='CasperInstall' 67 | 68 | #################################################################################################### 69 | # 70 | # SCRIPT CONTENTS - DO NOT MODIFY ANYTHING BELOW THIS LINE!!!! 71 | # CREATING ACCOUNTS MUST BE DONE IN A PARTICULAR WAY, SO, REALLY, DON'T MODIFY ANYTHING!!! 72 | # 73 | #################################################################################################### 74 | 75 | #Read Account Unique ID 76 | rid=$((rwid+1)) 77 | 78 | #Hidden String 79 | hstring=HIDDEN 80 | 81 | #Hidden Account Variable Processing 82 | if [ $hidden == "YES" ]; then 83 | hidden=1 84 | else 85 | hidden=0 86 | hstring=UN-HIDDEN 87 | fi 88 | 89 | #Show information and continue 90 | read -p " 91 | This script will create the following $hstring accounts: 92 | 93 | Read/Write Username..... $rwuser 94 | Read/Write Password..... $rwpass 95 | Read/Write Full Name.... $rwname 96 | Read/Write Unique ID.... $rwid 97 | 98 | Read Username........... $ruser 99 | Read Password........... $rpass 100 | Read Full Name.......... $rname 101 | Read Unique ID.......... $rid 102 | 103 | Please make a note of this information. 104 | You will need the Username and Password for both accounts 105 | to configure the File Share Distribution Point in the JSS. 106 | 107 | When this script is finished, your computer will RESTART AUTOMATICALLY. 108 | 109 | Press ENTER to Continue, or ^C to Quit 110 | " 111 | 112 | #R/W User Creation 113 | 114 | sudo dscl . -create /Users/$rwuser 115 | 116 | sudo dscl . -create /Users/$rwuser UserShell /bin/bash 117 | 118 | sudo dscl . -create /Users/$rwuser RealName $rwname 119 | 120 | sudo dscl . -create /Users/$rwuser UniqueID $rwid 121 | 122 | sudo dscl . -create /Users/$rwuser PrimaryGroupID 1000 123 | 124 | sudo dscl . -create /Users/$rwuser NFSHomeDirectory /var/$rwuser 125 | 126 | sudo dscl . -passwd /Users/$rwuser $rwpass 127 | 128 | sudo dscl . -append /Groups/admin GroupMembership $rwuser 129 | 130 | sudo dscl . -create /Users/$rwuser IsHidden $hidden 131 | 132 | #R User Creation 133 | 134 | sudo dscl . -create /Users/$ruser 135 | 136 | sudo dscl . -create /Users/$ruser UserShell /bin/bash 137 | 138 | sudo dscl . -create /Users/$ruser RealName $rname 139 | 140 | sudo dscl . -create /Users/$ruser UniqueID $rid 141 | 142 | sudo dscl . -create /Users/$ruser PrimaryGroupID 1000 143 | 144 | sudo dscl . -create /Users/$ruser NFSHomeDirectory /var/$ruser 145 | 146 | sudo dscl . -passwd /Users/$ruser $rpass 147 | 148 | sudo dscl . -append /Groups/admin GroupMembership $ruser 149 | 150 | sudo dscl . -create /Users/$ruser IsHidden $hidden 151 | 152 | echo "Done, rebooting..." 153 | 154 | sleep 2 155 | 156 | sudo shutdown -r now -------------------------------------------------------------------------------- /macOS/trimComputerName.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # trimComputerName.sh - Removes the "'s MacBook" from the end of device names 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will trim off the trailing characters of a computer name if it detects "s MacBook" in the name 21 | # 22 | # REQUIREMENTS 23 | # 24 | # This script should be deployed in a Policy from the JSS 25 | # 26 | #################################################################################################### 27 | # 28 | # HISTORY 29 | # 30 | # Version: 1.1 31 | # 32 | # Release Notes: 33 | # - Added support for all Mac models 34 | # 35 | # - Created by Matthew Mitchell on July 26, 2017 36 | # - Updated by Matthew Mitchell on July 27, 2017 v1.1 37 | # 38 | #################################################################################################### 39 | # 40 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 41 | # 42 | #################################################################################################### 43 | 44 | #This is the function that does the renaming. 45 | #It'll do Computer, Host, and Localhost Name, then submit a Recon 46 | function renameComputer () { 47 | 48 | /usr/sbin/scutil --set ComputerName ${1} 49 | /usr/sbin/scutil --set HostName ${1} 50 | /usr/sbin/scutil --set LocalHostName ${1} 51 | 52 | echo "Set name to" ${1} 53 | 54 | jamf recon 55 | } 56 | 57 | #Get the name of the computer 58 | currentName=$(networksetup -getcomputername) 59 | 60 | #Get the last seven characters, needed to detect if it's just a MacBook 61 | lastSeven=$(echo "${currentName: -7}") 62 | 63 | #Is it a MacBook Pro? 64 | if [[ $currentName == *"s MacBook Pro"* ]]; then 65 | 66 | newName=${currentName::${#currentName}-14} 67 | 68 | renameComputer $newName 69 | 70 | #Is it a MacBook Air? 71 | elif [[ $currentName == *"s MacBook Air"* ]]; then 72 | 73 | newName=${currentName::${#currentName}-14} 74 | 75 | renameComputer $newName 76 | 77 | #Is it an iMac? 78 | elif [[ $currentName == *"s iMac"* ]]; then 79 | 80 | newName=${currentName::${#currentName}-7} 81 | 82 | renameComputer $newName 83 | 84 | #Is it a Mac Mini? 85 | elif [[ $currentName == *"s Mac Mini"* ]]; then 86 | 87 | newName=${currentName::${#currentName}-11} 88 | 89 | renameComputer $newName 90 | 91 | #Is it a MacBook? 92 | elif [[ $lastSeven == "MacBook" ]]; then 93 | 94 | newName=${currentName::${#currentName}-10} 95 | 96 | renameComputer $newName 97 | 98 | #The name didn't contain any product names, so don't mess with it 99 | else 100 | 101 | echo "No need to change the name" 102 | 103 | fi -------------------------------------------------------------------------------- /macOS/unlockDock.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # unlockDock.sh - Unlocks the Dock completely 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script removes any locks on removing/adding content to, changing the position of, 21 | # or changing the size of, the Dock 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script simply needs to be deployed via Policy, or run locally on a machine. 26 | # 27 | #################################################################################################### 28 | # 29 | # HISTORY 30 | # 31 | # Version: 1.0 32 | # 33 | # Release Notes: 34 | # - Initial release 35 | # 36 | # - Created by Matthew Mitchell on June 26, 2017 37 | # 38 | #################################################################################################### 39 | # 40 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 41 | # 42 | #################################################################################################### 43 | 44 | user=`ls -l /dev/console | awk '/ / { print $3 }'` 45 | sudo -u $user defaults write com.apple.Dock contents-immutable -bool no 46 | sudo -u $user defaults write com.apple.Dock position-immutable -bool no 47 | sudo -u $user defaults write com.apple.Dock size-immutable -bool no 48 | sudo killall Dock -------------------------------------------------------------------------------- /macOS/validateFirmware.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #################################################################################################### 3 | # 4 | # THIS SCRIPT IS NOT AN OFFICIAL PRODUCT OF JAMF SOFTWARE 5 | # AS SUCH IT IS PROVIDED WITHOUT WARRANTY OR SUPPORT 6 | # 7 | # BY USING THIS SCRIPT, YOU AGREE THAT JAMF SOFTWARE 8 | # IS UNDER NO OBLIGATION TO SUPPORT, DEBUG, OR OTHERWISE 9 | # MAINTAIN THIS SCRIPT 10 | # 11 | #################################################################################################### 12 | # 13 | # ABOUT THIS PROGRAM 14 | # 15 | # NAME 16 | # validateFirmware.sh - Utilizes Duo's EFIgy script to validate macOS firmware 17 | # 18 | # DESCRIPTION 19 | # 20 | # This script will trigger the EFIgy.py script to run, create a log, and then get the firmware 21 | # result from the log and send it back to the JSS in the form of an Extension Attribute 22 | # 23 | # REQUIREMENTS 24 | # 25 | # This script needs to be deployed with a package that installs the EFIgy python script and .pem file 26 | # to the /tmp/EFIgy directory, as well as an Extension Attribute in the JSS to write to. The script 27 | # needs to have a Priority of After. The EA needs to utilize Text Field as an Input Type, and String 28 | # as a Data Type. 29 | # 30 | #################################################################################################### 31 | # 32 | # HISTORY 33 | # 34 | # Version: 1.2 35 | # 36 | # Release Notes: 37 | # - Workaround to circumvent a problem with how EFIgy reports firmware after the High Sierra update 38 | # 39 | # - Created by Matthew Mitchell on October 9, 2017 40 | # - Updated by Matthew Mitchell on October 26, 2017 (version 1.1) 41 | # - Updated by Matthew Mitchell on December 19, 2017 (version 1.2) 42 | # 43 | #################################################################################################### 44 | # 45 | # DEFINE VARIABLES & READ IN PARAMETERS 46 | # 47 | #################################################################################################### 48 | 49 | #API Username 50 | #Use Parameter 4 in the JSS, or replace $4 with your username surrounded by quotes 51 | #Example: apiUser="admin" 52 | apiUser=$4 53 | 54 | #API Password 55 | #Use Parameter 5 in the JSS, or replace $5 with your password surrounded by quotes 56 | #Example: apiPass="jamf1234" 57 | apiPass=$5 58 | 59 | #Enter ID number of the EA to populate 60 | #This is found in the JSS URL when looking at the EA 61 | #Use Parameter 6 in the JSS, or replace $6 with the EA ID 62 | #Example: ?id=4&o=r ID is 4 63 | eaID=$6 64 | 65 | # Enter the exact Display Name of the Extension Attribute 66 | #Use Paramter 7 in the JSS, or replace $7 with the EA Display Name surrounded by quotes 67 | #Example: eaName="Firmware Valid" 68 | eaName=$7 69 | 70 | #################################################################################################### 71 | # 72 | # SCRIPT CONTENTS - DO NOT MODIFY BELOW THIS LINE 73 | # 74 | #################################################################################################### 75 | 76 | #Path to the main EFIgy directory we will create 77 | efigyDirectory=/tmp/EFIgy 78 | 79 | #Path to the log directory within the efigyDirectory 80 | logDirectory=$efigyDirectory/log 81 | 82 | #Remove existing directory to ensure we don't have extra data later on 83 | rm -rf $logDirectory 84 | 85 | #Make a brand new directory with nothing in it 86 | mkdir $logDirectory 87 | 88 | #Check to make sure EFIgy is in place 89 | if [ -e /tmp/EFIgy/EFIgyLite_cli.py ]; then 90 | 91 | #Run the EFIgy script and write a log to /tmp/EFIgy/log 92 | python /tmp/EFIgy/EFIgyLite_cli.py -q -l $logDirectory 93 | 94 | #List out the contents of the .../log directory 95 | #Since we just remade a brand new one, the latest log is the only thing that should be in there. 96 | #The logName gets an epoch timestamp in the name, so we can't count on what it will be called 97 | 98 | logName=$(ls $logDirectory) 99 | 100 | #Variable for later, complete path with log name 101 | logPath=$logDirectory/$logName 102 | 103 | #These two lines get the line number that the "Success" or "Attention" message will be on 104 | statusLineNum=`cat $logPath | grep -n "EFI firmware version" | awk -F : '{print $1}'` 105 | statusLineNum=$(expr $statusLineNum + 1) 106 | 107 | #Get a copy of the "Success / Attention" line 108 | efiStatus=`head -n $statusLineNum $logPath | tail -n 1` 109 | 110 | #Parse out that line to see if it says "Success" or "Attention" 111 | firmwareLogOutput=$(echo $efiStatus | cut -d ']' -f2 | cut -d '-' -f1 | sed 's/ //g') 112 | 113 | #If it said Success 114 | if [ "$firmwareLogOutput" == "SUCCESS" ]; then 115 | 116 | #Firmware is valid 117 | value="True" 118 | 119 | else 120 | 121 | #Firmware MIGHT be invalid - EFIgy Bug, documented as Issue 17 on EFIgy GitHub 122 | 123 | #Cut the current firmware out of the string 124 | #Hack off the last character (a comma) 125 | #Swap out MBP for MBPro 126 | currentFirmware=$(echo $efiStatus | cut -d\ -f28 | sed 's/.$//' | sed 's/MBP/MBPro/') 127 | 128 | #Cut the expected firmware out of the string 129 | #Hack off the last character (a period) 130 | expectedFirmware=$(echo $efiStatus | cut -d\ -f36 | sed 's/.$//') 131 | 132 | #Compare the real firmware values 133 | if [ "$currentFirmware" == "$expectedFirmware" ]; then 134 | 135 | #Firmware is valid after all 136 | value="True" 137 | 138 | else 139 | 140 | #Firmware is indeed invalid 141 | value="False" 142 | 143 | fi 144 | 145 | fi 146 | 147 | #Get serial number of current computer 148 | serial=`system_profiler SPHardwareDataType | awk '/Serial/ {print $4}'` 149 | 150 | #Get the JSS URL that this computer is enrolled in 151 | url=$(defaults read /Library/Preferences/com.jamfsoftware.jamf jss_url | grep https:// | sed 's/.$//') 152 | 153 | #Post XML file to JSS, updates the EA 154 | curl -H "Content-Type: application/xml" -d "$eaID$eaNameString$value" -ksu "$apiUser":"$apiPass" "$url/JSSResource/computers/serialnumber/$serial/subset/extensionattributes" -X PUT 155 | 156 | else 157 | #EFIgy package probably didn't come down, so don't try and do anything 158 | echo "EFIgy was not found at $efigyDirectory. Please ensure the package download was successful and try again." 159 | fi --------------------------------------------------------------------------------