+5I know Binding is dead.
But I have an issue that needs to be addressed with AD and computer names. Currently I am running a generic script that renames a macbook to the logged in user and the model of their Mac. ie: "nameuser-mbkp"
In order for our wifi and our VPN to work the device needs to exist in a specific AD OU.
How could I automate an export of the computer names and feed it into a PowerShell instance to feed the AD OU?
Any thoughts and ideas would be great.
+21Can't really help with the feed into AD, but you should be able to create a script that polls the api to get a list of all computer records. Something like this:
curl -X GET "https://hostname.jamfcloud.com/JSSResource/computers" -H "accept: application/xml"
As a side note however, using PII (e.g. username or real name) in a device name is a SIGNIFICANT security and/or safety risk. If the users are adults, you're probably fine, but if this is in a K12 deployment, it's probably a good idea to have a conversation with leadership about this as soon as possible. Just my $0.02
+5Can't really help with the feed into AD, but you should be able to create a script that polls the api to get a list of all computer records. Something like this:
curl -X GET "https://hostname.jamfcloud.com/JSSResource/computers" -H "accept: application/xml"
As a side note however, using PII (e.g. username or real name) in a device name is a SIGNIFICANT security and/or safety risk. If the users are adults, you're probably fine, but if this is in a K12 deployment, it's probably a good idea to have a conversation with leadership about this as soon as possible. Just my $0.02
Yeah. I agree that it is a huge risk. We are a corporation however, so that does help. But I agree. I have had those conversations and we are implementing other considerations. Just in this moment, its not approved to do so.
As far as the script. When I run that command directly I get a status page and a request for user authentication.
+21Yeah. I agree that it is a huge risk. We are a corporation however, so that does help. But I agree. I have had those conversations and we are implementing other considerations. Just in this moment, its not approved to do so.
As far as the script. When I run that command directly I get a status page and a request for user authentication.
Curl supports passing a username and password. Sorry for the confusion. I just pasted in the example text from the api documentation (https://yourinstance.jamfcloud.com/api/).
Here's an example from one of my api scripts (pulling different data though):
/usr/bin/curl -k -u ${user}:${pass} -H "Accept: application/xml" ${jssurl}/JSSResource/computers/serialnumber/${serial}/subset/general -X GET -o /tmp/${serial}.xmlVariables obviously are defined earlier in the script.
+5Curl supports passing a username and password. Sorry for the confusion. I just pasted in the example text from the api documentation (https://yourinstance.jamfcloud.com/api/).
Here's an example from one of my api scripts (pulling different data though):
/usr/bin/curl -k -u ${user}:${pass} -H "Accept: application/xml" ${jssurl}/JSSResource/computers/serialnumber/${serial}/subset/general -X GET -o /tmp/${serial}.xmlVariables obviously are defined earlier in the script.
That would work I think. However after some discussion with my team. I think we are going to export a CSV from JAMF via Email and parse it into SCCM daily. I think that will do the trick.
+12We are in the same boat for our wifi and vpn certs.. Though our naming scheme is different. We use the serial of the device and a combo of other characters. Since it looks like you are creating a generic username for the machines (or close to it.) Perhaps either batch powershell all the users in your company to being part of that AD OU. Then make it part of your onboarding and offboarding process to add and remove from the OU
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
