Jamf Nation Community

bryan_garrant · ‎11-17-2020

Hi, we roll out Duo 2FA to our fleet, we install it via jamf and it comes up as this plist file com.duosecurity.maclogon.plist. /private/var/root/Library/Preferences/com.duosecurity.maclogon.plist

Does anyone have a way I can view this application and create a smart group if it is in fact installed or get it to show in inventory? Any advice is appreciated. TIA.

WilsonFredonia · ‎12-03-2020

Hi Bryan,
I am testing making an extension attribute for this purpose and will follow up once I see how well it works.
Matt

juanclear · ‎01-04-2022

hi Wilson, were you able to get this working?

WilsonFredonia · ‎01-04-2022

Hi Juan,

Yes, me and my colleague were able to get this working with the following script outputting a string. I was then able to create a smart group based off the EA and the OS version to make sure we updated the computers that were falling out of support.

#!/bin/sh
if [ -f /private/var/root/Library/Preferences/com.duosecurity.maclogon.plist ]
then 
  echo "<result>Duo Installed</result>"
else
  echo "<result>Duo Not Installed</result>"
fi

bryan_garrant · ‎02-01-2022

This is great.

Do you run that script on your fleet? and then use the smart group?

WilsonFredonia · ‎02-01-2022

The script is in the Extension Attribute portion of Jamf so that runs automatically across the fleet and then populates that portion of the inventory. I can then configure the Smart Group to populate based off of the EA response.

bryan_garrant · ‎02-01-2022

This sounds promising, Can you elaborate on the Extension Attribute?

I see how to make one just not sure where I would input the bash script?

WilsonFredonia · ‎02-01-2022

Below is what the EA looks like as ours is configured. Here is Jamf's documentation on creating EAs

Jamf Nation Community

Detect Duo Appliation installed for smart group