Skip to main content
Solved

Extension Attribute - Zscaler loggedin

  • May 31, 2022
  • 4 replies
  • 48 views
aburrow007
Forum|alt.badge.img+4

I'm trying to put together an Extension Attribute that will alert me to whether zscaler is logged in or not.

This is what I've come up with.  It works when run locally, and I thought it was working when run through Jamf but I'm noticing that machines are now reporting back as "No" when I have checked and zscaler is correctly logged in.  Just wondering if anyone else has an EA that they use or could tell me what's happening.

Thanks

#!/bin/bash currentUser=`ls -l /dev/console | awk '{print $3}'` if (security find-generic-password -l 'com.zscaler.tray'); then echo "<result>Yes</result>" else echo "<result>No</result>" fi exit 0

Best answer by AlexHoffman

We use two different Extension attributes, one checks that the Zscaler tunnel is running (so user is logged in) and another to check if the Application is running. 

Tunnel Status is this code

#!/bin/bash # check for process PROCESS=$( pgrep ZscalerTunnel ) #see if process is running if [[ -z "$PROCESS" ]]; then RESULT="Not Running" else RESULT="Running" fi #report results echo "<result>${RESULT}</result>"

Check for Application running is this:

#/bin/bash if ps auxwww | grep -i ZscalerTunnel | grep root >/dev/null 2>&1; then RESULT="zscaler running" else RESULT="zscaler not running" fi echo "<result>$RESULT</result>"

 

    4 replies

    DBrowning
    Forum|alt.badge.img+24
    • DBrowning
    • Esteemed Contributor
    • 668 replies
    • May 31, 2022

    Take a look here:  https://community.jamf.com/t5/jamf-pro/zscaler-deployment-with-strict-enforcement/m-p/260731#M240558 

    A
    Forum|alt.badge.img+8
    • AlexHoffman
    • Contributor
    • 25 replies
    • Answer
    • June 1, 2022

    We use two different Extension attributes, one checks that the Zscaler tunnel is running (so user is logged in) and another to check if the Application is running. 

    Tunnel Status is this code

    #!/bin/bash # check for process PROCESS=$( pgrep ZscalerTunnel ) #see if process is running if [[ -z "$PROCESS" ]]; then RESULT="Not Running" else RESULT="Running" fi #report results echo "<result>${RESULT}</result>"

    Check for Application running is this:

    #/bin/bash if ps auxwww | grep -i ZscalerTunnel | grep root >/dev/null 2>&1; then RESULT="zscaler running" else RESULT="zscaler not running" fi echo "<result>$RESULT</result>"

     

    S
    Forum|alt.badge.img+11
    • swapple
    • Valued Contributor
    • 164 replies
    • June 26, 2022

    I wonder of there is any way to curl http://ip.zscaler.com to get an outside opinion. 

    T
    Forum|alt.badge.img+5
    • techfan42
    • New Contributor
    • 7 replies
    • July 14, 2023

    Your solution helped me with what I was looking for, thank you. I know this has been answered but I thought I would point out one thing. You are storing the currentUser as a variable but not calling that variable. You need to run the security command as the currentUser.

     

    #!/bin/bash currentuser=`ls -l /dev/console | awk '{print $3}'` if (su - $currentUser -c "security find-generic-password -l 'com.zscaler.tray'"); then echo "<result>Yes</result>" else echo "<result>No</result>" fi exit 0

     

     


    Terms & ConditionsCookie settingsAccessibility statement