11-09-2023 06:04 AM - edited 11-09-2023 06:05 AM
Hi there,
We currently have Google Workspace configured in Jamf Pro. This allows us to manually search for users in "Users and Location" to assign them to a device.
We also have Jamf Connect in our environment that associates the local account with an Okta account which is linked to the user's Google Workspace email.
Is there some way to automate assigning user details into User and location based on the username of a logged in user?
Solved! Go to Solution.
Posted on 11-11-2023 04:45 AM
this is what I use in my enviroment and is working good.
#!/bin/sh
# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')
# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"
# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
DisplayName=$(/usr/libexec/PlistBuddy -c "Print :DisplayName" "$jamfConnectStateLocation" 2>/dev/null)
if [ -n "$DisplayName" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$DisplayName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi
exit 0
Posted on 11-09-2023 06:24 AM
You might find my JNUC video from a couple of years ago useful:
How to collect user information and apply it throughout Jamf Pro | JNUC 2021
Posted on 11-09-2023 04:20 PM
you can run recon with the logged in user, jamf would populate the mapped fields.
#!/bin/sh
# logged in user
loggedInUser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`
# Run recon
/usr/local/jamf/bin/jamf recon -endUsername $loggedInUser
11-10-2023 12:56 AM - edited 11-10-2023 01:02 AM
'com.jamf.connect.state.plist' reports more accurate data. Would it be possible to read 'email' and use it as Username within User and Location and the 'name' value as Full Name in User and Location? I tried to find some examples of people pulling data from sub-categories within a key in a .plist. It's mostly just people pulling the key value itself however these are categories within a single key so I'm not sure how to pull the values after 'name = ' and 'email = '
Posted on 11-10-2023 04:19 AM
Alright, so here's what I have so far to do what I need in case anyone else finds this useful
#!/bin/sh
fullName=`defaults read com.jamf.connect.state |grep -E 'name ='|grep -o '"[^"]\+"'`
emailAddress=`defaults read com.jamf.connect.state |grep -E 'email ='|grep -o '"[^"]\+"'`
/usr/local/jamf/bin/jamf recon -endUsername $emailAddress -realname $fullName -email $emailAddress
Posted on 11-11-2023 04:45 AM
this is what I use in my enviroment and is working good.
#!/bin/sh
# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')
# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"
# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
DisplayName=$(/usr/libexec/PlistBuddy -c "Print :DisplayName" "$jamfConnectStateLocation" 2>/dev/null)
if [ -n "$DisplayName" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$DisplayName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi
exit 0
Posted on 11-13-2023 01:31 AM
I can confirm your script works perfectly. Is there any way to pull the 'name' attribute using this method with PlistBuddy?
I've tried by just replacing the 'DisplayName' key with 'name' and it doesn't seem to work. I think it's due to the 'name' key being a sub-category (key) to the 'IdToken' key.
Posted on 11-13-2023 05:09 AM
Try this and see if it works for you
Posted on 11-13-2023 05:31 AM
I get the error
"Name is empty or not found in /Users/'x'/Library/Preferences/com.jamf.connect.state.plist"
This looks like the exact way I adjusted your original script to account for the name key that didn't work.
Posted on 11-13-2023 05:39 AM
I don't know how to make that work then, sorry. With the above script I get what I need for Jamf Pro.
Posted on 11-13-2023 05:54 AM
When you update the username to email does it automatically populate all the other data? Or are you clicking search and manually assigning the credentials?
Posted on 11-13-2023 06:03 AM
It does it automatically, if you have more questions you can search for me in Slack as Arturo Yumpo.
Posted on 11-13-2023 07:21 AM
Managed to get it right here. For me it doesn't auto populated once the username is present but found a way to specify a sub-key
#!/bin/sh
# Get current signed-in user
currentUser=$(ls -l /dev/console | awk '/ / { print $3 }')
# com.jamf.connect.state.plist location
jamfConnectStateLocation="/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist"
# Check if the plist file exists
if [ -f "$jamfConnectStateLocation" ]; then
# Read DisplayName from the plist file
preferredUsername=$(/usr/libexec/PlistBuddy -c "Print :IdToken:preferred_username" "$jamfConnectStateLocation")
fullName=$(/usr/libexec/PlistBuddy -c "Print :IdToken:name" "$jamfConnectStateLocation")
if [ -n "$preferredUsername" ]; then
# Upload DisplayName to Jamf Pro if it's not empty
if [ "$currentUser" != "root" ]; then
/usr/local/bin/jamf recon -endUsername "$preferredUsername"
/usr/local/bin/jamf recon -realname "$fullName"
fi
else
echo "DisplayName not found in $jamfConnectStateLocation"
fi
else
echo "Plist file not found: $jamfConnectStateLocation"
fi
exit 0
Posted on 11-13-2023 07:24 AM
if it doesn't auto-populate make sure your Mapping is correct and that you also have Buldings and Departments created in Jamf Pro
Posted on 11-11-2023 08:25 AM
I made some adjusts to the above script. This is the current working solution for my above issue.
#!/bin/bash
cat <<'EOF'> "/private/var/tmp/PopulateUserData.sh"
fullName=`defaults read com.jamf.connect.state |grep -E 'name ='|grep -o '"[^"]\+"'|cut -d\" -f2`
emailAddress=`defaults read com.jamf.connect.state |grep -E 'email ='|grep -o '"[^"]\+"'|cut -d\" -f2`
sudo /usr/local/jamf/bin/jamf recon -endUsername "$emailAddress" -realname "$fullName" -email "$emailAddress"
EOF
chmod a+x /private/var/tmp/PopulateUserData.sh
currentuser=`stat -f "%Su" /dev/console`
su "$currentuser" -c "/private/var/tmp/PopulateUserData.sh"
sleep 10
rm -rf /private/var/tmp/PopulateUserData.sh
Posted on 11-12-2023 11:23 PM
Just said some failures in our test environment with this script. Seems when I was testing since I was forcing policy update from Jamf using the 'sudo jamf policy' command it elevates permissions for the script as well but if you let the policy execute on its own it requires admin permissions.
Posted on 08-28-2024 09:04 PM
Where can I find the 'com.jamf.connect.state.plist'? We use Jamf Connect as well but can't find that plist anywhere on the device. I even browsed the file path.
/Users/$currentUser/Library/Preferences/com.jamf.connect.state.plist
Posted on 08-28-2024 09:13 PM
Disregard. I was testing with a recently wiped test machine and it didn't have JC configured yet. 😅
Script @Deku91 provided worked great!