Posted on 11-27-2020 03:09 PM
Aside from getting the logged on user, what'a a way to get the username that's assigned to the computer in Jamf? I would like to use it for a policy script.
Posted on 01-26-2021 02:51 PM
In what way would you like to use it?
Posted on 01-26-2021 07:12 PM
Here is a script I use to pull the assigned user in Jamf, pull the model of the device, then rename the computer using the information. It uses the API, so you would need to have a Jamf user with the correct rights assigned using the script variables when setting up the policy.
If you don’t need the device information, then you would just need the jss variables (to pass Jamf user/pass/URL) and the username variable to do the API pull.
#!/bin/sh
jssUser=$4
jssPass=$5
jssHost=$6
serial=$(ioreg -rd1 -c IOPlatformExpertDevice | awk -F'"' '/IOPlatformSerialNumber/{print $4}')
username=$(/usr/bin/curl -H "Accept: text/xml" -sfku "${jssUser}:${jssPass}" "${jssHost}/JSSResource/computers/serialnumber/${serial}/subset/location" | xmllint --format - 2>/dev/null | awk -F'>|<' '/<username>/{print $3}')
if [ "$username" == "" ]; then
echo "Error: Username field is blank."
exit 1
fi
## Get the Model ID from the device
MODEL_ID=$(sysctl hw.model | awk '{print $NF}')
echo "Model ID: $MODEL_ID"
## Determine the model suffix we should use based on the model id
case "$MODEL_ID" in
MacBookA*)
MODEL_SUFFIX="-MBA" ;;
MacBookP*)
MODEL_SUFFIX="-MBP" ;;
iMacP*)
Model_SUFFIX="-iMP" ;;
iMac*)
MODEL_SUFFIX="-iMac" ;;
MacPro*)
MODEL_SUFFIX="-MP" ;;
Macmini*)
MODEL_SUFFIX="-MM" ;;
MacBook*)
MODEL_SUFFIX="-MB" ;;
Paral*)
MODEL_SUFFIX="-VM" ;;
*)
MODEL_PREFIX="-Mc" ;;
esac
echo "Model suffix: $MODEL_SUFFIX"
## Assign the full new computer name to a variable
NEW_NAME="${username}${MODEL_SUFFIX}"
echo "Computer will be renamed to: $NEW_NAME"
## Set the new computer name
/usr/sbin/scutil --set ComputerName "$NEW_NAME"
/usr/sbin/scutil --set LocalHostName "$NEW_NAME"
/usr/sbin/scutil --set HostName "$NEW_NAME"
echo "Computer was renamed to: $NEW_NAME"
exit 0
Posted on 08-28-2024 11:33 AM
I am doing something similar to pull the username, does the script still work for you? Thanks.
Posted on 08-28-2024 11:39 AM
I switched jobs, so don't maintain that script anymore. You would probably need to update it to use token based authentication to access the API, since user based authentication was deprecated by Jamf.
Posted on 01-27-2021 09:48 PM
I push a configuration profile with a few Jamf variables, including assigned user and their email, so I have them in a plist I can read with scripts.
Posted on 08-28-2021 02:32 PM
@alexjdale I'm trying to push a configuration profile with a few Jamf variables (e.g. $USERNAME) too.
Can you share how you can accomplish this?
Will the the plist on the client located in /Library/Managed Perefences/<plist file name>?
Posted on 01-28-2021 05:58 AM
@jbisgett
I'd just like to point out that, depending on how your usernames are formatted, your script may be setting the device name to something containing personally identifiable information. This likely isn't an issue in enterprise, but in education, especially for students, this poses a risk to your users' privacy and security. Device names are broadcast in the clear on any associated network, and could be used by a bad actor to determine the proximity of a particular individual.
I'd suggest using some other unique identifier (e.g. asset tag, MAC address, serial number).
Just my $0.02
Tuesday
@jbisgett You may appreciate this, to change the names of your device on the MDM straight away via API, instead of just on the device, and then wait for a recon to take place. you will need to adjust it to suit your code.
I am going to assume you can figure out how to get the computer ID number via the API.
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<xsl:stylesheet version=\"1.0\" xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\">
<xsl:output method=\"text\"/>
<xsl:template match=\"/\">
<xsl:value-of select=\"id\"/>
</xsl:template>
</xsl:stylesheet>" > /private/var/tmp/stylesheet.xslt
curl -k \
-H "Authorization: Bearer $jamfProApiToken" \
-H "Content-type: application/xml" \
-X PUT \
-d "<computer><general><name>$updatedmdmdeviceName</name></general></computer>" \
"${jamfProURL}/JSSResource/computers/id/$computerID"
echo "name change applied $updatedmdmdeviceName"