Detect Duo Appliation installed for smart group

bryan_garrant
New Contributor III

Hi, we roll out Duo 2FA to our fleet, we install it via jamf and it comes up as this plist file com.duosecurity.maclogon.plist. /private/var/root/Library/Preferences/com.duosecurity.maclogon.plist

Does anyone have a way I can view this application and create a smart group if it is in fact installed or get it to show in inventory? Any advice is appreciated. TIA.

7 REPLIES 7

WilsonFredonia
New Contributor III

Hi Bryan,
I am testing making an extension attribute for this purpose and will follow up once I see how well it works.
Matt

juanclear
New Contributor

hi Wilson, were you able to get this working?

Hi Juan,

Yes, me and my colleague were able to get this working with the following script outputting a string. I was then able to create a smart group based off the EA and the OS version to make sure we updated the computers that were falling out of support.

#!/bin/sh
if [ -f /private/var/root/Library/Preferences/com.duosecurity.maclogon.plist ]
then 
  echo "<result>Duo Installed</result>"
else
  echo "<result>Duo Not Installed</result>"
fi

 

This is great. 

Do you run that script on  your fleet? and then use the smart group?

 

The script is in the Extension Attribute portion of Jamf so that runs automatically across the fleet and then populates that portion of the inventory. I can then configure the Smart Group to populate based off of the EA response.

bryan_garrant
New Contributor III

This sounds promising, Can you elaborate on the Extension Attribute?

I see how to make one just not sure where I would input the bash script?  

Below is what the EA looks like as ours is configured. Here is Jamf's documentation on creating EAs 

Screen Shot 2022-02-01 at 11.44.10 AM.png