Getting the username that's assigned in Jamf

mwu1876
Contributor

Aside from getting the logged on user, what'a a way to get the username that's assigned to the computer in Jamf? I would like to use it for a policy script.

8 REPLIES 8

Chris_Hafner
Valued Contributor II

In what way would you like to use it?

jbisgett
Contributor II

Here is a script I use to pull the assigned user in Jamf, pull the model of the device, then rename the computer using the information. It uses the API, so you would need to have a Jamf user with the correct rights assigned using the script variables when setting up the policy.

If you don’t need the device information, then you would just need the jss variables (to pass Jamf user/pass/URL) and the username variable to do the API pull.

#!/bin/sh

jssUser=$4
jssPass=$5
jssHost=$6

serial=$(ioreg -rd1 -c IOPlatformExpertDevice | awk -F'"' '/IOPlatformSerialNumber/{print $4}')

username=$(/usr/bin/curl -H "Accept: text/xml" -sfku "${jssUser}:${jssPass}" "${jssHost}/JSSResource/computers/serialnumber/${serial}/subset/location" | xmllint --format - 2>/dev/null | awk -F'>|<' '/<username>/{print $3}')


if [ "$username" == "" ]; then
    echo "Error: Username field is blank."
    exit 1
fi

## Get the Model ID from the device
MODEL_ID=$(sysctl hw.model | awk '{print $NF}')
echo "Model ID: $MODEL_ID"

## Determine the model suffix we should use based on the model id
case "$MODEL_ID" in
    MacBookA*)
    MODEL_SUFFIX="-MBA" ;;
    MacBookP*)
    MODEL_SUFFIX="-MBP" ;;
    iMacP*)
    Model_SUFFIX="-iMP" ;;
    iMac*)
    MODEL_SUFFIX="-iMac" ;;
    MacPro*)
    MODEL_SUFFIX="-MP" ;;
    Macmini*)
    MODEL_SUFFIX="-MM" ;;
    MacBook*)
    MODEL_SUFFIX="-MB" ;;
    Paral*)
    MODEL_SUFFIX="-VM" ;;
    *)
    MODEL_PREFIX="-Mc" ;;
esac

echo "Model suffix: $MODEL_SUFFIX"

## Assign the full new computer name to a variable
NEW_NAME="${username}${MODEL_SUFFIX}"
echo "Computer will be renamed to: $NEW_NAME"

## Set the new computer name
/usr/sbin/scutil --set ComputerName "$NEW_NAME"
/usr/sbin/scutil --set LocalHostName "$NEW_NAME"
/usr/sbin/scutil --set HostName "$NEW_NAME"

echo "Computer was renamed to: $NEW_NAME"

exit 0

I am doing something similar to pull the username, does the script still work for you? Thanks.

 

 

I switched jobs, so don't maintain that script anymore. You would probably need to update it to use token based authentication to access the API, since user based authentication was deprecated by Jamf.

alexjdale
Valued Contributor III

I push a configuration profile with a few Jamf variables, including assigned user and their email, so I have them in a plist I can read with scripts.

@alexjdale I'm trying to push a configuration profile with a few Jamf variables (e.g. $USERNAME) too.

Can you share how you can accomplish this?

  • Do you create a plist file with the placeholder variable (e.g. $USERNAME) inside the plist file?
  • Do you use the "Application & Custom Settings" payload with Upload option to upload the plist?

Will the the plist on the client located in /Library/Managed Perefences/<plist file name>?

jcarr
Release Candidate Programs Tester

@jbisgett

I'd just like to point out that, depending on how your usernames are formatted, your script may be setting the device name to something containing personally identifiable information. This likely isn't an issue in enterprise, but in education, especially for students, this poses a risk to your users' privacy and security. Device names are broadcast in the clear on any associated network, and could be used by a bad actor to determine the proximity of a particular individual.

I'd suggest using some other unique identifier (e.g. asset tag, MAC address, serial number).

Just my $0.02

Malcolm
Contributor II

@jbisgett  You may appreciate this, to change the names of your device on the MDM straight away via API, instead of just on the device, and then wait for a recon to take place. you will need to adjust it to suit your code.

I am going to assume you can figure out how to get the computer ID number via the API.

 

 

 

echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
			<xsl:stylesheet version=\"1.0\" xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\">
  			<xsl:output method=\"text\"/>
  			<xsl:template match=\"/\">
   			<xsl:value-of select=\"id\"/>
  			</xsl:template>
			</xsl:stylesheet>" > /private/var/tmp/stylesheet.xslt

  			curl -k \
    		-H "Authorization: Bearer $jamfProApiToken" \
    		-H "Content-type: application/xml" \
    		-X PUT \
    		-d "<computer><general><name>$updatedmdmdeviceName</name></general></computer>" \
    		"${jamfProURL}/JSSResource/computers/id/$computerID"
  			echo "name change applied $updatedmdmdeviceName"