FileVault 2: How to sort by Disk Drive Type (i.e. Rotational vs. SSD)

This is an old extension attribute we used to differentiate between Macs with HDD and SSD boot volumes. It might help achieve what you're trying to do.

#!/usr/bin/python
import plistlib
import subprocess

p = plistlib.readPlistFromString(subprocess.check_output(['system_profiler', 'SPStorageDataType', '-xml']))

def mediumtype():
    for i in range(len(p[0]['_items'])):
        if str(p[0]['_items'][i]['mount_point']) == "/":
            return str(p[0]['_items'][i]['com.apple.corestorage.pv'][0]['medium_type'])

print("<result>" + mediumtype().upper() + "</result>")

@sepiemoini let's look at your request in 2 parts.

• I believe the best way to find out if the drive is SSD or not is to use an Extension Attribute. Others can let me know if there is a JSS field available that I don't see. The ext attribute could be (I've only tested this on Yosemite)

#!/bin/sh
echo "<result>" `diskutil info / | grep "Solid State" | awk '{ print $3 }'` "</result>"

That assumes that your Root (aka /) disk is the main internal disk. It will give you a Yes or No answer.

• The better way to setup your criteria is to change FileVault 2 Status to "Is Not" "Boot Partitions Encrypted". That way the Smart Group will discard external Media. If you keep "No Partitions Encrypted" then External drives and mounted images will fall into the group. After you get the FV2 Status setup, then you can add the Ext Attribute as an AND Criteria.

Thanks, @bkramps--I've update the FileVault 2 Status field as suggested. Regarding the custom extension attribute, neither examples seem to work properly. Any other ideas @brysontyrrell @bkramps?

@sepiemoini In your echo statement, you want result, not return. That may be where your error lies.
When I put your Ext Attribute into my environment and change to result, I get the desired result.

If you know the model identifier (MacBookPro12,2) you can make a table which has SSD or not (use Mactracker and the like)

Is that easier than finding the type of disk with you own script?

@sepiemoini No, each machine will report that attribute at next Update (aka recon). You can force a recon on a machine if you want via Terminal with sudo jamf recon -verbose
With the verbose tag, you can see if the attribute is actually run.

@bkramps Noted and thanks! Some machine are still reporting attributes from the previous iterations of this custom extension attribute. I assume that these will go away and update to the new string/variables when they check back in?

@sepiemoini Yes, the next time those machines do an inventory they will rerun the Attribute script and put in the new data.

Thanks for the help, @bkramps! I've gone ahead and marked the above as the solution. When I left work last night, 16 of 447 machines had checked back in with the proper extension attribute field populate. This morning that number had sky-rocketed to 148! I'll continue to monitor this and proceed with my FV2 encryption project following a higher return of machines who have checked in.

Just used the script to differentiate between SSD and the HDDs in my environment. Nicely done all.