a week ago
Hi all,
We are looking to mass deploy a silent push where we can push random generated or making use builtin information for computer naming convention silently.
We need to mass deploy this to our existing computers without user interaction.
Does any know what the possibilities are with macos 14 and 15 and if something someone has?
a week ago
@tegus232 You can try something like this. Thanks
#!/bin/bash
serialNumber=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}')
loggedinuser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
name=$loggedinuser-$serialNumber
scutil --set HostName $name
scutil --set LocalHostName $name
scutil --set ComputerName $name
a week ago
Much like @karthikeyan_mac I have found it best to set hostnames to match the serial number. The SN is generally random, would not usually ever be a duplicate, can be used to easily identify a device, reveals no PII and can be set by a script with no user interaction, visiblity or impact.
This is the script I have been using for years.
#!/usr/bin/bash
#*=============================================================================
#* Script Name:
#* Created:
#* Author:
#*=============================================================================
#* Purpose: Changes Mac hostname to match SN if it does not already match
#*=============================================================================
#*=============================================================================
#* GLOBAL VARIABLES
#*=============================================================================
computerName=$(scutil --get ComputerName)
hostName=$(scutil --get HostName)
localHost=$(scutil --get LocalHostName)
serialNumber=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}')
serialNumberII=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}' | tr -d '"')
#*=============================================================================
#* FUNCTIONS
#*=============================================================================
#*=============================================================================
#* SCRIPT BODY
#*=============================================================================
userInfo
## Check & Update Computer Name
if [ "$computerName" == "$serialNumber" ]
then
echo "Computer name matches serial number, $serialNumber"
else
echo "Current Computer Name: $computerName"
echo "Computer Name does not meet standards"
echo "Changing Computer Name to match Serial Number"
scutil --set ComputerName "$serialNumber"
fi; $DIV2
## Check & Update Host Name
if [ "$hostName" == "$serialNumber" ]
then
echo "Host Name matches serial number, $serialNumber"
else
echo "Current Host Name: $hostName"
echo "Host Name does not meet standards"
echo "Changing Host Name to match Serial Number"
scutil --set HostName "$serialNumber"
fi; $DIV2
## Check & Update Local Host
if [ "$localHost" == "$serialNumber" ]
then
echo "Local Host matches serial number, $serialNumber"
else
echo "Current Local Host: $localHost"
echo "Local Host does not meet standards"
echo "Changing Local Host to match Serial Number"
scutil --set LocalHostName "$serialNumber"
fi; $DIV2
## Final Check
computerNameII=$(scutil --get ComputerName)
hostNameII=$(scutil --get HostName)
localHostII=$(scutil --get LocalHostName)
echo "Results:"; $DIV3
echo "Serial number: $serialNumber"
echo "Computer Name: $computerNameII"
echo "Host Name: $hostNameII"
echo "Local Host: $localHostII"
if [[ "$computerNameII" == "$serialNumber" ]] && [[ "$hostNameII" == "$serialNumber" ]] && [[ "$localHostII" == "$serialNumber" ]]
then
echo "Computer Name satisfies naming standards"
$DIV1; exit 0
else
echo "Computer does not meet naming standars"
echo "More troubleshooting will be necessary."
$DIV1; exit 1
fi
#*=============================================================================
#* END OF SCRIPT
#*=============================================================================
a week ago
I keep seeing responses to these threads with more complex scripts that pull the data from the computer, but Jamf already has this information. Jamf also has a built-in command to do all this in 1 line. setComputerName
You don't even have to run it as a script; you can just run it as a File and Processes > Execute Command policy payload
a week ago
Jamf’s documentation for setComputerName
actually recommends using it as a script, not as a File and Process payload. While the command works, it doesn’t really match what OP is asking for—a random computer name. setComputerName
requires you to either define the hostname manually or use a Jamf parameter, so if you want a truly random hostname, you’d still need a script. At that point, you’re back to using scripting, not just a File and Process payload.
@karthikeyan_mac solution can actually be used as a File and Process payload, too. For example, you could drop the following into the “Execute Command” text box under Files and Processes, and it’ll do the same thing as their script:
name=$(echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ && ! /loginwindow/ { print $3 }')-$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}'); scutil --set HostName "$name"; scutil --set LocalHostName "$name"; scutil --set ComputerName "$name"
My script includes error checking, but if you strip that out, it can also be simplified to work in a Files and Processes payload. The big upside of doing it this way is that it doesn’t rely on Jamf data. It’s not so much that the script is “pulling” data from the device—the script is already running on the device, so the data is just there. When you use a script that depends on Jamf data, you’re introducing another layer where something could go wrong.
Also, production-ready code is usually more verbose and can appear more complex because it includes error checking, event logging, and auditing. These aren’t just extra steps—they’re critical for making sure the script works reliably, helps with troubleshooting, and provides a trail for compliance and accountability.
At the end of the day, there’s no one-size-fits-all answer. Personally, I write my scripts to be independent of Jamf whenever possible so they can be used with other MDMs, tools like ControlUp or Tanium, or even run manually if needed. This way, the script works no matter where it’s deployed.
Tuesday
I agree. This is the simplest way to set the computer name to the device serial number. I've been using it for years as the first policy that runs at enrollment.
jamf setComputerName -useSerialNumber;