Custom Triggers Script

CH4RL35
New Contributor II

Hi.

I was wondering if there's a script available that will allow me to trigger all of my policies in the order I desire.

Uploaded my current script (not fully grasped the usage of scripts yet)

d5bdd80d5433471bbb60fd0aa3971d8b

204c77f06e0c47db91760d3d7a2c2f96

I'd like it to be a manual trigger for all of my policies but ordered e.g. 10GoogleChrome,20IssueFilevaultkey etc

Please help :D

1 ACCEPTED SOLUTION

Look
Valued Contributor III

Here's the one I created to run arguments $4 thru $11 as custom triggers.
Just put it in a policy and fill the parameters with the triggers in the order you want them run.

#!/bin/bash
echo START
date
for Custom_Policy in $(seq 4 11); do
if [[ "${!Custom_Policy}" ]]; then
echo Running trigger ${!Custom_Policy}
jamf policy -event "${!Custom_Policy}"
fi
done
echo FINISH
date

View solution in original post

6 REPLIES 6

LovelessinSEA
Contributor II

There are a couple of things you can do here. You can build a global script that runs on enrollment complete, in this script you'd want to make sure that the user is actually logged in before the policies start running. (this sounds like what you're wanting to do, I've attached a script that I use, you can ignore the splashbuddy components.

or

To your first policy that runs at enrollment complete, add a files and processes payload to that policy. In your example, you have a custom event trigger set named to manual_trigger. So in the files and process payload in the last box you would type something like:

jamf policy -event manual_trigger

This will trigger the policy that you're calling, then in the next policy you'd add another file and processes payload to trigger the following policy and so on, this will set them off like a daisy chain.

I suggest you take a look at a tool called SplashBuddy even if you don't use it you could maybe get a better understanding on how you can manage the order in which you want your policies to run.

Let me know if you have any questions, if you do decide to use splashbuddy, head over the the splashbuddy channel on slack and there are plenty of people there to help you get it setup.

Here is a script that I run on Enrollment Complete, it's the only policy I run at Enrollment complete and it calls all my other policies in order, feel free to cannibalize it any way you want.

#!/bin/bash

jamfbinary=$(/usr/bin/which jamf)
doneFile="/Users/Shared/.SplashBuddyDone"

sleep 15

while true
do
loggedinuser=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }')

echo $loggedinuser

    if [ "${loggedinuser}" == "root" ] || [ "${loggedinuser}" == "_mbsetupuser" ]; then
    echo "is root or mbsetupuser"
    sleep 10
    else
    echo "is local user"
    break
    fi
done

echo "Installing SplashBuddy"

${jamfbinary} policy -event "install-SplashBuddy"

echo "Drinking some Red Bull so the Mac doesn't fall asleep"
caffeinate -d -i -m -u &
caffeinatepid=$!

echo "Installing Enterpise Connect"

${jamfbinary} policy -event "install-enterpriseconnect"

echo "Installing BlueCoat Certificate"

${jamfbinary} policy -event "install-BCC"

echo "Installing BlueCoat Unified Agent"

${jamfbinary} policy -event "install-BCUA"

echo "Installing Cisco AnyConnect"
${jamfbinary} policy -event "install-AnyConnect"

echo "Installing Skype For Business"
${jamfbinary} policy -event "install-sfb"

echo "Installing Citrix Receiver"
${jamfbinary} policy -event "install-citrix"

echo "Pulling down FileVault 2 configuration"
${jamfbinary} policy -event "requireFV2"

echo "Setting up Dock"
${jamfbinary} policy -event "setDock"

echo "Adobe Reader"
${jamfbinary} policy -event "adobereader"

echo "Installing Microsoft Office"
${jamfbinary} policy -event "install-office"

echo "Installing VPN Settings"
${jamfbinary} policy -event "install-vpnsettings"

echo "Certificate Import"
${jamfbinary} policy -event "certimport"

echo "Enterprise Connect launcher"
${jamfbinary} policy -event "eclauncher"

serial_number=`ioreg -l | grep IOPlatformSerialNumber|awk '{print $4}' | cut -d " -f 2`
/usr/sbin/scutil --set ComputerName $serial_number
/usr/sbin/scutil --set LocalHostName $serial_number
/usr/sbin/scutil --set HostName $serial_number

sleep 10s

#adbind uses a files and processes payload to call "finalsetup"
echo "Active Directory Binding"
${jamfbinary} policy -event "adbind"

echo "Creating done file"
touch "$doneFile"

echo "Quitting SplashBuddy"
osascript -e 'quit app "SplashBuddy"'

echo "Unloading and removing Splashbuddy Launchagent"
launchctl unload /Library/LaunchDaemons/io.fti.splashbuddy.launch.plist
rm -f /Library/LaunchDaemons/io.fti.splashbuddy.launch.plist

echo "Deleting SplashBuddy"
rm -rf "/Library/Application Support/SplashBuddy"

echo "Deleting lunch agent"
launchctl remove io.fti.SplashBuddy.launch

echo "Drank waaaayyyyy too much Red Bull"
kill "$caffeinatepid"


# OS X Version check potential

sw_vers_MajorNumber=`/usr/bin/sw_vers -productVersion | /usr/bin/cut -d. -f 2`

# Restart in 5 seconds if version above 10.12
if [ $sw_vers_MajorNumber -ge 12 ]; then
    echo "software is 10.12 or lower"
    kill -9 `pgrep loginwindow`
else
    echo "software is over 10.12"
    /sbin/reboot
fi

Look
Valued Contributor III

Here's the one I created to run arguments $4 thru $11 as custom triggers.
Just put it in a policy and fill the parameters with the triggers in the order you want them run.

#!/bin/bash
echo START
date
for Custom_Policy in $(seq 4 11); do
if [[ "${!Custom_Policy}" ]]; then
echo Running trigger ${!Custom_Policy}
jamf policy -event "${!Custom_Policy}"
fi
done
echo FINISH
date

CH4RL35
New Contributor II

Thanks Guys!

matthew_johnson
New Contributor II

@LovelessinSEA

I am curious about the details of how splashbuddy works with your policies names and package names. i haven't delved into Splashbuddy very far, so excuse my ignorance. From your script you aren't using the naming scheme that is recommended on the Splashbuddy Kickstart guide for your policies.

Is this because you are not using the enrollment trigger for you software installation and instead using a custom script to fire off the installs?

Thanks for you post, it helped me break through some issues I was having.

LovelessinSEA
Contributor II

@matthew.johnson You are correct. I chose to use a global script to fire off all of the policies instead of relying on the 01, 02, 03 naming convention. I chose this method along with a files and process payload to handle other policies to they fire off in a very specific order. This allows me to troubleshoot any issues that arise with my enrollment workflow.

You still must use the required splashbuddy naming convention for the package names, ie anyconnect-4.5.pkg

chris_miller
Contributor

nice script @LovelessinSEA