Jamf Nation Community

jun_zhang · ‎08-21-2023

I've used command sudo jamf removemdmprofile and sudo jamf removeframework to fix certificate expired issue, After that I renerolled my mac with Jamf with web. My mac received all configuration profiles, but self service applicaton and jamf binary can not be pushed on my mac.

Anyone knows how to install that manually?

TrentO · ‎08-22-2023

401 means that you were not properly authenticated when accessing the API. To authenticate you will need to get a bearer token from the 'api/v1/auth/token' endpoint first. Then you would include this token as 'Authentication: Bearer {{TOKEN}}' as a header with the rest of your API requests. Instructions on how to do this are found here (https://developer.jamf.com/jamf-pro/reference/post_v1-auth-token) and here (https://developer.jamf.com/jamf-pro/docs/client-credentials).

This is a bit convoluted unless you are already familiar with using APIs, so I recommend using your instances API docs directly as it provides a nice graphical interface for making one off API calls. Navigate to https://YourJamfServer.com/api/doc/#/jamf-management-framework (replacing YourJamfServer.com with the URL and possibly port to your jamf instance. This will take you to a page which looks like this.

From there you can login using the fields provided using your username and password and click authorize. This is the equivalent of getting the bearer token I mentioned earlier.

Then scroll down to the "jamf-management-framework" section and click to expand.

Click try it out as seen above and then enter the JSS ID of the computer you want to install the jamf binary on in the ID field. Then click execute.

You will see the result of the command in the Responses section below the execute button.

Hope that helps!

View solution in original post

Bol · ‎08-23-2023

@jun_zhang wrote:
Thanks a lot.I've downloaded that gz files. Would you like to tell me how to install jamf binary with that gz file?

@jun_zhang
Similar to a zip / compressed image file, once downloaded, use the following to extract into your current user profile folder;

gunzip -fq ~/jamf.gz ~/jamf

Or if you are copying from your Downloads, back into the Jamf binary original location;

gunzip -fq ~/Downloads/jamf.gz /usr/local/jamf/bin/jamf

View solution in original post

jun_zhang · ‎08-21-2023

I tried run sudo jamf policy, but it said command not found.

dan-snelson · ‎08-21-2023

In case the following proves helpful:

Jamf binary self-heal via Terminal

TrentO · ‎08-21-2023

This is precisely what the redeploy Jamf Managment framework API endpoint is for.

https://developer.jamf.com/jamf-pro/reference/post_v1-jamf-management-framework-redeploy-id

It relies on a working MDM enrollment, since it uses the Install Application MDM command to send the Jamf binary to the device. Unfortunately there is no GUI element in the Jamf Pro UI so the only way to use it is from the API endpoint. Luckily, the the OpenAPI documentation makes this easy. Just go to https://yourJamfserver.com/api/doc/#/jamf-management-framework, authenticate and then enter the computers JSS ID.

jun_zhang · ‎08-21-2023

Hi TrentO，

I found the pages you machined and create a command. But when I run the curl command on may mac it just give me 401 erorr.

Would you like to give me more details ?

TrentO · ‎08-22-2023

401 means that you were not properly authenticated when accessing the API. To authenticate you will need to get a bearer token from the 'api/v1/auth/token' endpoint first. Then you would include this token as 'Authentication: Bearer {{TOKEN}}' as a header with the rest of your API requests. Instructions on how to do this are found here (https://developer.jamf.com/jamf-pro/reference/post_v1-auth-token) and here (https://developer.jamf.com/jamf-pro/docs/client-credentials).

This is a bit convoluted unless you are already familiar with using APIs, so I recommend using your instances API docs directly as it provides a nice graphical interface for making one off API calls. Navigate to https://YourJamfServer.com/api/doc/#/jamf-management-framework (replacing YourJamfServer.com with the URL and possibly port to your jamf instance. This will take you to a page which looks like this.

From there you can login using the fields provided using your username and password and click authorize. This is the equivalent of getting the bearer token I mentioned earlier.

Then scroll down to the "jamf-management-framework" section and click to expand.

Click try it out as seen above and then enter the JSS ID of the computer you want to install the jamf binary on in the ID field. Then click execute.

You will see the result of the command in the Responses section below the execute button.

Hope that helps!

jun_zhang · ‎08-22-2023

Thanks TrentO, I think I amlost get the solution.

When I click extue it gives me a curl command. Should I run that command on my Mac or after clicking execut button, the Jamf server will push a installation command to my Mac?

TrentO · ‎08-23-2023

If you get a success message after executing then there is no need to do anything further. The MDM command will have already sent. You can check the machine in Jamf Pro to see pending MDM commands.

jun_zhang · ‎08-22-2023

Here is the screenshot.

TrentO · ‎08-23-2023

Looks like it succeeded, so the MDM command to install Jamf should be pending

Hugonaut · ‎08-21-2023

@jun_zhang
try creating a package of the existing jamf binary from a blank test machine & then deploy it

or
try creating a quickadd package with jamf recon & just extract the binary & deploy that

of course having an administrative IT account & the ability to vnc/ssh into the machines also helps quite a bit.

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________

Virtual MacAdmins Monthly Meetup - First Friday, Every Month

jun_zhang · ‎08-21-2023

Hi Hugonaut,

Would you like to tell me the path of jamf binary?

Bol · ‎08-22-2023

@jun_zhang wrote:
Hi Hugonaut,
Would you like to tell me the path of jamf binary?

https://jss.company.net:8443/bin/jamf.gz

jun_zhang · ‎08-22-2023

Thanks a lot.I've downloaded that gz files. Would you like to tell me how to install jamf binary with that gz file?

Bol · ‎08-23-2023

@jun_zhang wrote:
Thanks a lot.I've downloaded that gz files. Would you like to tell me how to install jamf binary with that gz file?

@jun_zhang
Similar to a zip / compressed image file, once downloaded, use the following to extract into your current user profile folder;

gunzip -fq ~/jamf.gz ~/jamf

Or if you are copying from your Downloads, back into the Jamf binary original location;

gunzip -fq ~/Downloads/jamf.gz /usr/local/jamf/bin/jamf

Jacek_ADC · ‎12-06-2023

Hi guys

I am trying the same via api, but nothing happens on my testmacbook and in the api i receive als following statement

Response body
{
"httpStatus": 401,
"errors": []
}
Response headers
cache-control: no-cache,no-store,max-age=0,must-revalidate
content-length: 42
content-type: application/json;charset=UTF-8
date: Wed,06 Dec 2023 12:51:42 GMT
expires: 0
pragma: no-cache
server: Jamf
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

I am just quite new with api. We do not really use it so much, but I am pretty sure I do the right thing.

I have exactly the same output when i do it via coderunner from my macbook

{

  "httpStatus" : 401,

  "errors" : [ ]

}

Additional information, there is no pending command on the testmacbook

user-IWWxotPJmq · ‎01-24-2024

Honestly, the endpoint is there.... Why is there not a management button on the computer with "Redeploy JAMF Binary" and then have the same prompt as the Renew MDM Profile button... This is frustrating that you need to jump through API hoops to do something so simple. Why doesn't JAMF make ALL the actions available on a host available that are already in the API??? (BTW, used the swagger interface as suggested to do this, but it shouldn't be necessary)

Jamf Nation Community

How to install jamf binary manually