Jamf Nation Community

_aDiedericks · ‎11-09-2023

Hi there,

We currently have Google Workspace configured in Jamf Pro. This allows us to manually search for users in "Users and Location" to assign them to a device.

We also have Jamf Connect in our environment that associates the local account with an Okta account which is linked to the user's Google Workspace email.

Is there some way to automate assigning user details into User and location based on the username of a logged in user?

Deku91 · ‎11-11-2023

this is what I use in my enviroment and is working good.

#!/bin/sh

# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')

# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"

# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
DisplayName=$(/usr/libexec/PlistBuddy -c "Print :DisplayName" "$jamfConnectStateLocation" 2>/dev/null)

if [ -n "$DisplayName" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$DisplayName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi

exit 0

View solution in original post

talkingmoose · ‎11-09-2023

You might find my JNUC video from a couple of years ago useful:

How to collect user information and apply it throughout Jamf Pro | JNUC 2021

A_Collins · ‎11-09-2023

you can run recon with the logged in user, jamf would populate the mapped fields.

#!/bin/sh

# logged in user
loggedInUser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`

# Run recon
/usr/local/jamf/bin/jamf recon -endUsername $loggedInUser

_aDiedericks · ‎11-10-2023

'com.jamf.connect.state.plist' reports more accurate data. Would it be possible to read 'email' and use it as Username within User and Location and the 'name' value as Full Name in User and Location? I tried to find some examples of people pulling data from sub-categories within a key in a .plist. It's mostly just people pulling the key value itself however these are categories within a single key so I'm not sure how to pull the values after 'name = ' and 'email = '

_aDiedericks · ‎11-10-2023

Alright, so here's what I have so far to do what I need in case anyone else finds this useful

#!/bin/sh
fullName=`defaults read com.jamf.connect.state |grep -E 'name ='|grep -o '"[^"]\+"'`
emailAddress=`defaults read com.jamf.connect.state |grep -E 'email ='|grep -o '"[^"]\+"'`

/usr/local/jamf/bin/jamf recon -endUsername $emailAddress -realname $fullName -email $emailAddress

Deku91 · ‎11-11-2023

this is what I use in my enviroment and is working good.

#!/bin/sh

# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')

# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"

# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
DisplayName=$(/usr/libexec/PlistBuddy -c "Print :DisplayName" "$jamfConnectStateLocation" 2>/dev/null)

if [ -n "$DisplayName" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$DisplayName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi

exit 0

_aDiedericks · ‎11-13-2023

I can confirm your script works perfectly. Is there any way to pull the 'name' attribute using this method with PlistBuddy?
I've tried by just replacing the 'DisplayName' key with 'name' and it doesn't seem to work. I think it's due to the 'name' key being a sub-category (key) to the 'IdToken' key.

Deku91 · ‎11-13-2023

Try this and see if it works for you

#!/bin/sh

# Get current signed-in user

currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')

# com.jamf.connect.state.plist location

jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"

# Check if the plist file exists

if [ -f "$jamfConnectStateLocation" ]; then

# Read name from the plist file

Name=$(/usr/libexec/PlistBuddy -c "Print :name" "$jamfConnectStateLocation" 2>/dev/null)

if [ -n "$Name" ]; then

# Upload Name to Jamf Pro if it's not empty

if [ "$currentUser" != "root" ]; then

/usr/local/bin/jamf recon -endUsername "$Name"

fi

else

echo "Name is empty or not found in $jamfConnectStateLocation"

fi

else

echo "Plist file not found: $jamfConnectStateLocation"

fi

exit 0

_aDiedericks · ‎11-13-2023

I get the error

"Name is empty or not found in /Users/'x'/Library/Preferences/com.jamf.connect.state.plist"

This looks like the exact way I adjusted your original script to account for the name key that didn't work.

Deku91 · ‎11-13-2023

I don't know how to make that work then, sorry. With the above script I get what I need for Jamf Pro.

_aDiedericks · ‎11-13-2023

When you update the username to email does it automatically populate all the other data? Or are you clicking search and manually assigning the credentials?

Deku91 · ‎11-13-2023

It does it automatically, if you have more questions you can search for me in Slack as Arturo Yumpo.

_aDiedericks · ‎11-13-2023

Managed to get it right here. For me it doesn't auto populated once the username is present but found a way to specify a sub-key

#!/bin/sh

# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')

# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"

# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
preferredUsername=$(/usr/libexec/PlistBuddy -c "Print :IdToken:preferred_username" "$jamfConnectStateLocation")
fullName=$(/usr/libexec/PlistBuddy -c "Print :IdToken:name" "$jamfConnectStateLocation")
if [ -n "$preferredUsername" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$preferredUsername"
/usr/local/bin/jamf recon -realname "$fullName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi

exit 0

Deku91 · ‎11-13-2023

if it doesn't auto-populate make sure your Mapping is correct and that you also have Buldings and Departments created in Jamf Pro

_aDiedericks · ‎11-11-2023

I made some adjusts to the above script. This is the current working solution for my above issue.

#!/bin/bash
cat <<'EOF'> "/private/var/tmp/PopulateUserData.sh"
fullName=`defaults read com.jamf.connect.state |grep -E 'name ='|grep -o '"[^"]\+"'|cut -d\" -f2`
emailAddress=`defaults read com.jamf.connect.state |grep -E 'email ='|grep -o '"[^"]\+"'|cut -d\" -f2`

sudo /usr/local/jamf/bin/jamf recon -endUsername "$emailAddress" -realname "$fullName" -email "$emailAddress"
EOF
chmod a+x /private/var/tmp/PopulateUserData.sh
currentuser=`stat -f "%Su" /dev/console`
su "$currentuser" -c "/private/var/tmp/PopulateUserData.sh"
sleep 10
rm -rf /private/var/tmp/PopulateUserData.sh

_aDiedericks · ‎11-12-2023

Just said some failures in our test environment with this script. Seems when I was testing since I was forcing policy update from Jamf using the 'sudo jamf policy' command it elevates permissions for the script as well but if you let the policy execute on its own it requires admin permissions.

Jamf Nation Community

Automate User and location Details