Posted on 04-19-2020 02:42 AM
Hello,
I use Jamf Connect Login, I would like the Dep notify window (https://gitlab.com/Mactroll/DEPNotify) to launch after login, a bit like the Notify Mechanism integrated in Jamf Connect.
Only, unlike Notify, it only launches after the user's desktop is displayed.
Do you know how to make it run right after logging in to Jamf Connect Login?
I deploy the package and the script during enrollment prestage for information.
Thanks.
Posted on 04-19-2020 08:34 AM
You can do this by deploying the Jamf Connect package and Notify script as part of one custom signed package (created in Composer for example). You'd then have a post install script on that package which essentially installs the Jamf Connect package from the source folder, then uses the authchanger mech to include the script as well as your IDP authentication.
Here's what the package source would look like:
Here's an example of a basic post install script:
#!/bin/sh
# Log all echo events to logfile
exec &> /private/tmp/jcinstalllog.txt
# Install Jamf Connect Login
installer -pkg /private/tmp/JamfConnectLogin.pkg -target /
sleep 5
# Enable DEP Notify Mech
/usr/local/bin/authchanger -reset -OIDC -preAuth JamfConnectLogin:RunScript,privileged JamfConnectLogin:Notify
You also need to define the script's location in the Jamf Connect Login PLIST using the "ScriptPath" key, so in my example above the string for that would be /usr/local/bin/NotifyLoginScript.sh.
Then, as part of your notify script you can put another authchanger command in there similar to the one in the post install script you created to reset the loginwindow back to normal if you want, or just back to the IDP authentication without the script following it.
EDIT: Sorry, only just noticed after posting the part about you wanting to use DEP Notify as opposed to the built in Notify. To answer your question, not that I know of. Is there anything in particular you're trying to achieve with DEP Notify that you're not getting with the Notify mech in Jamf Connect?
Posted on 04-19-2020 09:10 PM
@ITFRANCE Look at this article I have done is for over 4 Jamf deployments. HCS DEPNotify Signed
Posted on 04-20-2020 03:20 AM
Hello,
Thank you for your answers,
So I'll use the built-in notification mechanism of Jamf Connect, it's easier.
On the other hand, I have a small question, I have just seen that each time I restart my NOTIFY script is reboot and it reinstalls the software, what is the best solution in this case, delete the script after the first use?
I attached a screenshot of my script.
Thanks ;)
Posted on 04-20-2020 03:24 AM
Does Jamf Connect allow user input for things like Computer Name and Role - that is a useful feature of DEPNotify?
Posted on 04-20-2020 04:48 AM
Posted on 04-20-2020 11:59 AM
Yep, at the end of my actual Notify script I always add the authchanger command to take the script off so it doesn't keep running every time like you're seeing.
If you want to keep the IDP authentication each time with no notify script every time add the following to the end of your Notify script:
/usr/local/bin/authchanger -reset -OIDC -preAuth
If you want to revert back to the native Mac OS login window add this to the end of the Notify script:
/usr/local/bin/authchanger -reset -loginwindow
Posted on 04-20-2020 12:44 PM
Thank you all for your answers, I've come a long way.
Just one little thing (it's my manic side), while the Notify window is advancing, if I press space (or maybe another key), the message "testing" appears, do you think it's possible to remove the message? I can't figure out where it's coming from.
Thank you