Check Policy membership via Script

I assume you mean a Casper Smart or Static group, not an AD/OD group? The latter is trivial...

When do you want to display the message? Once, recurring, before something gets installed/updated?

Hi Robert.

Let me describe what we want to do.

We have various Policies that are triggered by Smart Groups for certain Updates (like Adobe Reader or else).
A lot of our Designers do not update certain applications in time what could create possible security issues.

We have one Policy set up at the moment that triggers all of them in the background by running a command (sudo jamf policy -id 259; sudo jamf policy -id 175; and further).

What we want to achieve is: Providing a message via Jamf Helper that allow the user to quit/postpone the installation of such updates in cases the machine is part of one of the Policies/Smartgroups.
Similar to: https://jamfnation.jamfsoftware.com/discussion.html?id=5404

Well, in version 9, the postpone option is actually built into the product, though I personally wouldn't recommend looking at upgrading just yet until at least one more point release is issued. There are still a number of bugs to squash.

So you know, in Casper Suite 9.x when you set a policy to postpone, it uses jamfHelper with a hud style window and a drop down menu with postpone time choices. What I don't like about how it works is you must assign a drop dead date when the policy will run and not allow any further postpones. This has the effect that if someone is away for several days and comes back to their Mac, they may have already hit the drop dead date and not have the option of postponing. Not very user friendly if that was the goal.

If you'd rather have a method where users can postpone up to X number of times before becoming mandatory, regardless of when they first see the message, then look around here on the forums for some threads on custom scripts that achieve that.

As for checking if a machine is a member of a certain JSS group, yes, it can be done, but why would you need to do that? If you're talking about Smart Groups. you can simply assign the script with the "postpone" message to the Smart Group itself. No need to check membership within the script, since the JSS handles that for you and would only run the policy on the machines in the group to begin with.