Extension Attributes not populating

MajorHeck
New Contributor

Hi all,

Not sure why this is failing. I have an Extension Attribute that will simply not populate and I truly cannot figure out why. This EA runs a script that checks for the existence of a certificate on a custom keychain, then outputs either "Found" or "Not found" accordingly. I have removed proper names for privacy reasons:

#!/bin/bash

result=$(security find-certificate -a -c 'certificateName' keychainName.keychain)
search='certificateName'

if [[ "$result" == *"$search"* ]]; then
echo "<result>Certificate Found</result>"
else
echo "<result>Not found</result>"
fi

Running this script on a machine (outside of Jamf) returns the expected result. Once a device updates, the EA stays blank. Any help is super appreciated.

1 ACCEPTED SOLUTION

Tangentism
Contributor III

Your question is almost word for word the same as.....

Your command results in a lot of data from each certificate it finds whereas you should reduce what you want with grep then pipe to awk such as:

 

result=$(security find-certificate -a -c 'JSS' /Library/Keychains/System.keychain | grep labl | awk -F'=' '{print $2}')

 

Then do not quote the right hand string in the if...fi comparison so it looks like:

 

if [[ "$result" == *$search* ]]; then...

 

The reason not to quote the right hand string comparison is because using either " or ' will treat the * as a normal character and not a wildcard operator.

View solution in original post

2 REPLIES 2

Tangentism
Contributor III

Your question is almost word for word the same as.....

Your command results in a lot of data from each certificate it finds whereas you should reduce what you want with grep then pipe to awk such as:

 

result=$(security find-certificate -a -c 'JSS' /Library/Keychains/System.keychain | grep labl | awk -F'=' '{print $2}')

 

Then do not quote the right hand string in the if...fi comparison so it looks like:

 

if [[ "$result" == *$search* ]]; then...

 

The reason not to quote the right hand string comparison is because using either " or ' will treat the * as a normal character and not a wildcard operator.

you don't need grep to awk...

 

security find-certificate -a -c 'JSS' /Library/Keychains/System.keychain | awk -F '=' '/labl/{print $2}'