Files and Processes Payload - how to use it

New Contributor III

Hi everyone,

I'm trying to understand the use of this Payload, because there is no actually description (with examples) in Jamf admin guide.
Here is the scenario that I'm trying to follow:

  • there is a policy to have this Corporate app installed with the Splashbuddy, in a specific step, where I've added a "Custom event" to be used for the future policies (e.g.: Policy's Custom event is called "04InstallTheApp")
  • I've created another policy to check the Macs for this Corporate app and to trigger the "04InstallTheApp", IF the app is not there anymore (preventing the users to remove it for good) Now, under the Files and Processes payload of this policy, I can add the Execute command like this: "/usr/local/jamf/bin/jamf policy -event 04InstallTheApp", but I'm trying to understand the logic of this, since I don't see how the policy is looking to "see" if the app is not installed on these Macs (there is nothing else configured under this payload OR under the whole policy).

Can anyone please explain, because I have a feeling that I'm missing something in here, because I don't know where is the "IF" condition in this whole scenario, in order to trigger the event to install that app?




Valued Contributor III

The "logic" is going to be handled by scoping, or more explicitly with scripts if you want to add more complexity.

If all you want to do is install an app for systems that don't have it, you can just have a policy scoped to a smart group of systems that do not have that app installed, and the policy's only payload would be to install it. The scope would provide that "If" element.

With scripts and event triggers you can expand on this, but that's the simple version I'd start with.

New Contributor III

Ah! You're right...I totally forgot about the scope. πŸ™‚
That should take care of it.

Thanks @alexjdale !

New Contributor III

The title of your discussion seemed to fit, not trying to hijack

It states that commands run as root user so would you still need to use sudo?
"sudo jamf flushPolicyHistory"
or would just "jamf flushPolicyHistory" be the proper way to do it?