AppleScript - Deploying Through Jamf Pro

JDaher
Contributor

Hello everyone,

I'm looking for help deploying AppleScript through Jamf Pro. I know the basics of bash scripts but almost nothing about AppleScript. I got the following AppleScript from one of our network administrators:

tell application "System Events"
    set macUser to name of current user
end tell

try
    set FortiDir to POSIX file "/Users/Shared/Fortinet/Forticlient"
    set ztnaConfig to POSIX file "/Users/Shared/Fortinet/Forticlient/ztnaconfig.json"
    set FortiDir to POSIX path of the file FortiDir
    set ztnaConfig to POSIX path of the file ztnaConfig
    do shell script "chown -R " & macUser & " " & FortiDir with administrator privileges
    do shell script "chmod 755 " & FortiDir with administrator privileges
    do shell script "chmod 644 " & ztnaConfig with administrator privileges
    display dialog "BW FortiClient permissions patch successful"
on error theErr
    display dialog "File permissions update failed for " & FortiDir
end try

I tried to deploy it as a shell script in Jamf like this:

#!/bin/bash

osascript -e 'tell application "System Events"
set macUser to name of current user
end tell
try
set FortiDir to POSIX file "/Users/Shared/Fortinet/Forticlient"
set ztnaConfig to POSIX file "/Users/Shared/Fortinet/Forticlient/ztnaconfig.json"
set FortiDir to POSIX path of the file FortiDir
set ztnaConfig to POSIX path of the file ztnaConfig
do shell script "chown -R " & macUser & " " & FortiDir with administrator privileges
do shell script "chmod 755 " & FortiDir with administrator privileges
do shell script "chmod 644 " & ztnaConfig with administrator privileges
display dialog "BW FortiClient ZTNA permissions patch successful"
on error theErr
display dialog "File permissions update failed for " & FortiDir
end try'

It works on some machines but fails on others. The error is:

Script result: 56-60: execution error: System Events got an error: Application isn't running. (-600)

I searched for the error and found that I could launch System Events by adding this:

if application "System Events" is not running then
    launch application "System Events"
    delay 0.5
end if

So, I modified my shell script to look like this:
 
#!/bin/bash

osascript -e 'if application "System Events" is not running then
    launch application "System Events"
    delay 0.5
end if

tell application "System Events"
    set macUser to name of current user
end tell

try
    set FortiDir to POSIX file "/Users/Shared/Fortinet/Forticlient"
    set ztnaConfig to POSIX file "/Users/Shared/Fortinet/Forticlient/ztnaconfig.json"
    set FortiDir to POSIX path of the file FortiDir
    set ztnaConfig to POSIX path of the file ztnaConfig
    do shell script "chown -R " & macUser & " " & FortiDir with administrator privileges
    do shell script "chmod 755 " & FortiDir with administrator privileges
    do shell script "chmod 644 " & ztnaConfig with administrator privileges
    display dialog "BW FortiClient permissions patch successful"
on error theErr
    display dialog "File permissions update failed for " & FortiDir
end try'

I still get errors, and this post is getting too long to post them. I think it's possible that I'm messing up the syntax when integrating AS into shell. I'm hoping it's something very simple that one of you can spot easily. 

Appreciate your time and suggestions.

1 ACCEPTED SOLUTION

If that is all you are trying to do, I'd package up ztnaconfig.json with Composer, at the correct path, and then use chown -R /path/to/item and chmod -R 644 /path/to/item. Both are easy things to set up in a policy. No AppleScript needed. The chown and chmod commands could even be chained together with && if you like. Hope that helps.


6 REPLIES 6

jamf-42
Valued Contributor II

AppleScript... in 2024? That's breaking out to shell script... this is messy... What's inside ztnaconfig.json?

What exactly is this trying to do?

How is the JSON deployed?

Let's start there; sure this could be done very simply with shell script... if that's really what is required.

I don't know what's inside the ztnaconfig.json, this was deployed previously when FortiClient was installed. I spoke to the network admins. The goal is that the ztna* files in /Users/Shared/Fortinet/Forticlient/ be owned by the logged-in user and have perms set to 644, and that the directory itself is set to 755. So yes I agree that it is messy as I've tried to deploy it, and it is probably best accomplished with a relatively simple shell script. I think I'm going to try that instead. Thanks for validating my suspicion. 

Thank you. The JSON file has already been deployed, so all I really need to do is to change ownership and permissions. Since our users don't share machines, I can probably dispense with the part of the script that looks for the currently logged-in user, and instead just send the chown and chmod commands in a two-line script via policy. Or maybe even just use the Files & Processes payload of a policy; I think it supports multiple commands. Am I missing something? As I write this I'm realizing that this project might have been overcomplicated.

cdenesha
Valued Contributor III

Hello,

I don't think the permissions need to be the user's. It is in 'Shared', so 'everyone' can usually read by default. I have that folder on my Mac, and FortiClient is working while user permissions are root/system.

This is definitely NOT the job for AppleScript! :)

chris

JDaher
Contributor

Thank you, everyone. Once I spoke to the network administrator and he clarified what the goal of all of this was, I just put it all in a shell script and deployed it through a policy. I should have done that from the start, but I didn't know exactly what his AppleScript was doing and I thought integrating it in a shell script would be simple. Anyway, I really appreciate all your help. Sometimes you just need to run these kinds of things by your peers in order for you to sort them out.
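
Added example, not posted by anyone in the thread: a shell script for the goal stated above (directory 755, ztna* files 644, owned by the logged-in user), written for a policy that runs it as root. The function names are made up for this example, and it assumes the logged-in user is the owner of /dev/console; it changes only the directory and its ztna* files rather than using chown -R.

```shell
#!/bin/bash
# Added example (not from the thread): permissions fix for a policy that runs as root.
FORTI_DIR="/Users/Shared/Fortinet/Forticlient"   # path taken from the thread

# Assumption: the owner of /dev/console is the user at the GUI session.
# The script runs as root, so $USER would not name them.
console_user() {
    stat -f%Su /dev/console
}

# Accept only a plain, existing, non-system account name, so nothing
# unexpected ever reaches chown as an argument.
valid_user() {
    case "$1" in
        ""|-*|root|loginwindow|_mbsetupuser) return 1 ;;
        *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    id -u "$1" >/dev/null 2>&1
}

# fix_perms USER DIR: DIR becomes 755 and its ztna* files 644, all owned by USER.
fix_perms() {
    user="$1"
    dir="$2"
    if ! valid_user "$user"; then
        echo "no usable logged-in user: '$user'" >&2
        return 1
    fi
    # /Users/Shared is world-writable, so refuse a symlink standing in for the directory.
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        echo "not a real directory: $dir" >&2
        return 1
    fi
    chown "$user" "$dir" && chmod 755 "$dir" || return 1
    # -type f skips symlinks; -maxdepth 1 limits the change to the directory's own ztna* files.
    find "$dir" -maxdepth 1 -type f -name 'ztna*' \
        -exec chown "$user" {} + -exec chmod 644 {} +
}

# Act only as root on a Mac that has the directory, as a policy run would.
if [ "$(id -u)" -eq 0 ] && [ -d "$FORTI_DIR" ]; then
    fix_perms "$(console_user)" "$FORTI_DIR" || exit 1
fi
```

A non-zero exit makes the policy log show a failure, which replaces the dialog boxes of the AppleScript version.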