a month ago - last edited a month ago
Hi there,
We currently have Google Workspace configured in Jamf Pro. This allows us to manually search for users in "Users and Location" to assign them to a device.
We also have Jamf Connect in our environment that associates the local account with an Okta account which is linked to the user's Google Workspace email.
Is there some way to automate assigning user details into User and location based on the username of a logged in user?
Solved! Go to Solution.
4 weeks ago
this is what I use in my enviroment and is working good.
#!/bin/sh
# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')
# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"
# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
DisplayName=$(/usr/libexec/PlistBuddy -c "Print :DisplayName" "$jamfConnectStateLocation" 2>/dev/null)
if [ -n "$DisplayName" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$DisplayName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi
exit 0
a month ago
You might find my JNUC video from a couple of years ago useful:
How to collect user information and apply it throughout Jamf Pro | JNUC 2021
a month ago
you can run recon with the logged in user, jamf would populate the mapped fields.
#!/bin/sh
# logged in user
loggedInUser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`
# Run recon
/usr/local/jamf/bin/jamf recon -endUsername $loggedInUser
a month ago - last edited a month ago
'com.jamf.connect.state.plist' reports more accurate data. Would it be possible to read 'email' and use it as Username within User and Location and the 'name' value as Full Name in User and Location? I tried to find some examples of people pulling data from sub-categories within a key in a .plist. It's mostly just people pulling the key value itself however these are categories within a single key so I'm not sure how to pull the values after 'name = ' and 'email = '
a month ago
Alright, so here's what I have so far to do what I need in case anyone else finds this useful
#!/bin/sh
fullName=`defaults read com.jamf.connect.state |grep -E 'name ='|grep -o '"[^"]\+"'`
emailAddress=`defaults read com.jamf.connect.state |grep -E 'email ='|grep -o '"[^"]\+"'`
/usr/local/jamf/bin/jamf recon -endUsername $emailAddress -realname $fullName -email $emailAddress
4 weeks ago
this is what I use in my enviroment and is working good.
#!/bin/sh
# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')
# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"
# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
DisplayName=$(/usr/libexec/PlistBuddy -c "Print :DisplayName" "$jamfConnectStateLocation" 2>/dev/null)
if [ -n "$DisplayName" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$DisplayName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi
exit 0
4 weeks ago
I can confirm your script works perfectly. Is there any way to pull the 'name' attribute using this method with PlistBuddy?
I've tried by just replacing the 'DisplayName' key with 'name' and it doesn't seem to work. I think it's due to the 'name' key being a sub-category (key) to the 'IdToken' key.
4 weeks ago
Try this and see if it works for you
4 weeks ago
I get the error
"Name is empty or not found in /Users/'x'/Library/Preferences/com.jamf.connect.state.plist"
This looks like the exact way I adjusted your original script to account for the name key that didn't work.
4 weeks ago
I don't know how to make that work then, sorry. With the above script I get what I need for Jamf Pro.
4 weeks ago
When you update the username to email does it automatically populate all the other data? Or are you clicking search and manually assigning the credentials?
4 weeks ago
It does it automatically, if you have more questions you can search for me in Slack as Arturo Yumpo.
4 weeks ago
Managed to get it right here. For me it doesn't auto populated once the username is present but found a way to specify a sub-key
#!/bin/sh
# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')
# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"
# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
preferredUsername=$(/usr/libexec/PlistBuddy -c "Print :IdToken:preferred_username" "$jamfConnectStateLocation")
fullName=$(/usr/libexec/PlistBuddy -c "Print :IdToken:name" "$jamfConnectStateLocation")
if [ -n "$preferredUsername" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$preferredUsername"
/usr/local/bin/jamf recon -realname "$fullName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi
exit 0
4 weeks ago
if it doesn't auto-populate make sure your Mapping is correct and that you also have Buldings and Departments created in Jamf Pro
4 weeks ago
I made some adjusts to the above script. This is the current working solution for my above issue.
#!/bin/bash
cat <<'EOF'> "/private/var/tmp/PopulateUserData.sh"
fullName=`defaults read com.jamf.connect.state |grep -E 'name ='|grep -o '"[^"]\+"'|cut -d\" -f2`
emailAddress=`defaults read com.jamf.connect.state |grep -E 'email ='|grep -o '"[^"]\+"'|cut -d\" -f2`
sudo /usr/local/jamf/bin/jamf recon -endUsername "$emailAddress" -realname "$fullName" -email "$emailAddress"
EOF
chmod a+x /private/var/tmp/PopulateUserData.sh
currentuser=`stat -f "%Su" /dev/console`
su "$currentuser" -c "/private/var/tmp/PopulateUserData.sh"
sleep 10
rm -rf /private/var/tmp/PopulateUserData.sh
4 weeks ago
Just said some failures in our test environment with this script. Seems when I was testing since I was forcing policy update from Jamf using the 'sudo jamf policy' command it elevates permissions for the script as well but if you let the policy execute on its own it requires admin permissions.