DEP Notify - Automation

kadams
Contributor

Hey guys, hope you're having a good day/night. I worked on automating the setup of our laptops at my job. Currently I have policy that has a script that calls other polices to run in order. This runs right after enrollment is complete. Those policies are all of the base policies that we push out on every machine. With DEP Notify, I have a script that grabs all of the software from smart groups. There is a custom trigger on several policies. The script grabs those policies and installs them. I have a smart group that has computer names. So when I type in a computer name, DEP Notify grabs software based on that. I have a few issues with this. 1. My manager doesn't quite understand how I put it together. At least i feel like he may not have the patience to actually understand it. Also, he feels like its too complicated for users to follow. This automation project was meant to cut down my time setting up laptops. Also, it was meant for users to be able to do it themselves. I wrote up a guide but it ended up being too complicated according to my boss and his manager. I spent a lot of time doing this project and trying to get it right. I don't have great scripting skills so I had to use scripts found online. Is there a simpler way to do this project?. The project works for me because I do this all the time.

10 REPLIES 10

Hugonaut
Valued Contributor

This script provided by JAMF is excellent - https://github.com/jamf/DEPNotify-Starter/blob/master/depNotify.sh

I have our DEP-Notify set up with this script after troubleshooting my own, this came out and it did everything I needed for my organization.

It allows you to enter the Computers Name, Department, Building, etc (With some slight modification you can make it whatever you want really)

Mine is as follows, At Enrollment, flushes all policy history and then Set Computer Name, Department, Building & Custom Event Triggers.

So with the script, Computer is named, department and building are set, allowing for scoped policies to deploy to whichever is chosen, then the custom event triggers runs for all the default applications for all our devices and wallah, from OEM Mojave to Our organizations setup in the matter of minutes from opening the box and plugging it in.

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman

kadams
Contributor

@Hugonaut My scripting knowledge isn't as great. I looked at this one and I couldn't figure out how to edit it the way I need to. I need mine to be setup exactly how you mentioned yours is. I want users to open their machines and do all of that at enrollment. I need specific software to be installed depending on which department the user is in. We also aren't using Active directory if you're wondering.

Hugonaut
Valued Contributor

With the script provided you need little scripting knowledge, you can simply modify some of the variables and set everything else up in JAMF, scoping policies to departments, etc.

Take some time to read through the script I linked and check out this site - https://www.learnshell.org/ run through some of the tutorials and you will have enough know how to make it work

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman

ryan_ball
Valued Contributor

Using DEPNotify either requires scripting knowledge, or the use of somebody else's script; consequently you'd need to deal with the complexities involved with using a script not meant for your specific environment.

Like @Hugonaut mentioned though, the JAMF script is a good place to start. This site talks about the script a bit so you might understand the way it works.

jp2019
New Contributor III

This script looks like it will do what we need as well, but I cannot get DEPNotify.app to launch. I have not seen the DEPNotify.sh in action, because I can't get the app to work with that script. When I launch DEPNotify.app manually, it gives me the defualt splash screen and a popup that the configuration is done. Can someone please help, I am not scripter, but learning a lot being here. Any assistance I can get will be greatly appreciated. This setup is not working for me:
I have the DEPNotify policy with the app and the launch script
Then I have the DEPNotify Starter script

jchurch
Contributor II

will this script work with out creating a local user?

kerouak
Valued Contributor

@jp2019

Create a policy to trigger at 'enrollment'

Include the DEPNotify package and your DepNotify Script.

The base script already contains the asset and computer name selection entries.

You can alter these as required.

Below this is a popup (popup4)

Yo add departments, Buildings etc. to this popup menu, then run the required commands..
Here I have one for departments and a static building:

# Popup 4 - Code is here but currently unused ####################################################################################### # Label for the popup REG_POPUP_LABEL_4="Department Name" # Array of options for the user to select REG_POPUP_LABEL_4_OPTIONS=( "CSM" "CSM F&V" "Department 3" ) # Help Bubble for Input. If title left blank, this will not appear REG_POPUP_LABEL_4_HELP_TITLE="Dropdown 4 Field" REG_POPUP_LABEL_4_HELP_TEXT="This dropdown is currently not in use. All code is here ready for you to use. It can also be hidden by removing the contents of the REG_POPUP_LABEL_4 variable." # Logic below was put in this section rather than in core code as folks may # want to change what the field does. This is a function that gets called # when needed later on. BE VERY CAREFUL IN CHANGING THE FUNCTION! REG_POPUP_LABEL_4_LOGIC (){ REG_POPUP_LABEL_4_VALUE=$(defaults read "$DEP_NOTIFY_USER_INPUT_PLIST" "$REG_POPUP_LABEL_4") echo "Status: $REGISTRATION_BEGIN_WORD $REG_POPUP_LABEL_4 $REGISTRATION_MIDDLE_WORD $REG_POPUP_LABEL_4_VALUE" >> "$DEP_NOTIFY_LOG" if [ "$TESTING_MODE" = true ]; then sleep 10 else "$JAMF_BINARY" recon -department "$REG_POPUP_LABEL_4_VALUE" sleep 10 "$JAMF_BINARY" recon -building "CSM Film & Video" fi }

The 2 commands that write the data back to the JSS are as follows: "$JAMF_BINARY" recon -department "$REG_POPUP_LABEL_4_VALUE" sleep 10 "$JAMF_BINARY" recon -building "CSM Film & Video""

So, DEpNotify will allow entry for the Asset Number and have a popup for Department selection, and will write the Preset building back to the JSS.
This will then fall into certain smart groups to trigger relevant policies and Config profiles.

Hope this helps some...

jchurch
Contributor II

how do you get this to run without having a user login?

Eigger
Contributor III

@kadams Please give Mac Deploy Stick a try. Create workflows for different types of users, and do not skip Setup Assistant and let your users finish it up. Watch the video and look them up on MacAdmins Slack to learn more.

VitorCostaUK
New Contributor III

@kadams , you might want to invest in an app called Code Runner https://coderunnerapp.com , this app will help you play around with scripts and see what they will do and give you the right outcome