Good morning. We recently hit a APN snafu that resulted in a new APN and policy having to be pushed out. We are trying to find a script run as an extension attribute that can return either a "good" or "bad" result depending on what APN variable is stated. From there, we would make a smart group to see those endpoints in real time. Using Jamf Pro and managing MacOS machines. Thanks.
Question
Extension Attribute to Determine Wrong APN
+4
+25@fotofojo The APNS certificate is installed on your Jamf Pro server, not your Macs. You should be able to determine which of your Macs aren't going to recognize the new APNS certificate by using a Smart Group to check their last enrollment date.
+9Not sure this is exactly what you're looking for, but we use this EA to gather the APNS topic which should be consistent among all your machines which are properly enrolled.
#!/bin/sh
topic=$(/System/Library/PrivateFrameworks/ApplePushService.framework/apsctl status | grep -m1 "com.apple.mgmt.External" | awk '{print $NF}')
echo "<result>$topic</result>"
+25Not sure this is exactly what you're looking for, but we use this EA to gather the APNS topic which should be consistent among all your machines which are properly enrolled.
#!/bin/sh
topic=$(/System/Library/PrivateFrameworks/ApplePushService.framework/apsctl status | grep -m1 "com.apple.mgmt.External" | awk '{print $NF}')
echo "<result>$topic</result>"
@TrentO Thanks for sharing that EA, it's a good day when one learns something new. I'm definitely filing this away for future use.
+9@TrentO Thanks for sharing that EA, it's a good day when one learns something new. I'm definitely filing this away for future use.
No problem. I can't take credit for the script. It was shared with me by a Jamf tech while troubleshooting an APNS issue we were having. So just passing it along 😁
+4@fotofojo The APNS certificate is installed on your Jamf Pro server, not your Macs. You should be able to determine which of your Macs aren't going to recognize the new APNS certificate by using a Smart Group to check their last enrollment date.
Thanks. We just need to determine which APN the device was currently getting.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.