Importing users into Casper

Davies
New Contributor III

Hello, wondering if anybody knows of a way to mass import users from LDAP into Casper users? Looked all over cannot find a way to do this.

Thanks in advance
David

21 REPLIES 21

GaToRAiD
Contributor II

@Davies By default the users are imported into casper from LDAP lookup. Please give us a little more information on what you are trying to accomplish.

Caleb_Anderson
New Contributor III

I think he means import every user from AD before they enrol a device with the mdm, and be able to see them in the JSS without any devices attached to them.

uoscasper
New Contributor

Bump. I need my users in the JSS without any devices attached to them yet.

Thanks.

Jookyseacap
New Contributor III

JAMF support has a script on github for importing users from a csv - createuserfromcsv. This creates the users before the devices enroll. If I recall correctly you just need to add the ldap server id into the apidata upload to have the user's properly update as an AD user when they enroll as well.

That means changing this line apiData="<user><name>${user}</name><email>${email}</email></user>"

to apiData="<user><name>${user}</name><email>${email}</email></user><ldap_server><id>${ldapserver}</id></ldap_server>"

conitsupport
Contributor

Has anyone done this? at present we have on site controllers but are looking at cloud controller on next update of licenses, out LEA wont allow direct connections from public internet into schools so we use smoothwall and a dmz box for AD authentication, unfortunately this use NAT and JIM does not work with nat so we cant use that to get AD authentication.

So I need to get my users onto the JAMF cloud in bulk. Ive looked at using Apple School Manager bu that it to long winded to do every time we have new users / leavers etc.

We only use iPads just want to be able to to link them to the user account as we do now on enrollment / DEP deployment.

el2493
Contributor III

@Jookyseacap , are you still able to do this? I'm trying to follow your instructions but it's not working for me. If I just use the script to create users (without the LDAP information) it works, but if I add the LDAP information then it doesn't create any accounts. I also tried <ldap_server><name>${ldapserver}</name></ldap_server> with the name of the LDAP server instead of the ID and that also didn't work.

Jookyseacap
New Contributor III

@el2493. I've moved to a new employer and haven't had to use this import method since then, but I took a look at the API documentation and you should still be able to use this method to create an LDAP user. I did notice one thing though, and that is either I had a typo when I posted earlier, or the API path has changed slightly when looking at the xml structure. Meaning that rather than this line

apiData="<user><name>${user}</name><email>${email}</email></user><ldap_server><id>${ldapserver}</id></ldap_server>"

It should be the following line

apiData="<user><name>${user}</name><email>${email}</email><ldap_server><id>${ldapserver}</id></ldap_server></user>"

Just to test I did make a quick one line import file and ran my original posted line, where I did encounter the same problem you were experiencing. Then I tested with the new line(with the ldapserver moved inside the user tags), and that worked for me. We are currently running Jamf Pro version 10.4 where I am now, just incase that makes a difference. My previous post would have be something like Jamf Version 9.8 or so.

el2493
Contributor III

@Jookyseacap thanks, I made the change and the account was created now, though it looks the same as when I didn't include the LDAP information. The LDAP data won't autofill until the user enrolls a device? I'll obviously be testing it, but thanks for your help so far!

UPDATE: Yep, totally worked, I had set the Site to a random site and confirmed that it showed that when the user was enrolling, then about halfway through enrollment I did a search for the User and confirmed it pulled Full Name and Position. YAY!

Jookyseacap
New Contributor III

@el2493 Yes, that is correct the script should only create the username and email in the database, along with the chosen LDAP server. If you look up the created user in the API, the XML or JSON results should show the LDAP server as well, which is something that doesn't show in the regular GUI view. Then once the user enrolls a device the rest of the information should autofill from the LDAP server.

KyleEricson
Valued Contributor II

Has anyone does this script without LDAP. I use G-Suite and I want to import a csv files the following fields:
Username
Full Name
Email
Position
I tried this, but doesn't work
I tired for my URL: https://myurl.jamfcloud.com
myurl.jamfcloud.com

createUserFromCSV.sh

Read My Blog: https://www.ericsontech.com

talkingmoose
Moderator
Moderator

@kericson, what did you see when the script failed?

KyleEricson
Valued Contributor II

This is what it does for me.

My Vars: server="mydomain.jamfcloud.com"

Attempting to create user - John.doe : john.doe@mydomain.com % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 69 0 0 100 69 0 180 --:--:-- --:--:-- --:--:-- 180
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 155 --:--:-- --:--:-- --:--:-- 156
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 155 --:--:-- --:--:-- --:--:-- 155
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 160 --:--:-- --:--:-- --:--:-- 160
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 169 --:--:-- --:--:-- --:--:-- 169
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 172 --:--:-- --:--:-- --:--:-- 172
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 177 --:--:-- --:--:-- --:--:-- 177
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 170 --:--:-- --:--:-- --:--:-- 170
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 174 --:--:-- --:--:-- --:--:-- 174
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 170 --:--:-- --:--:-- --:--:-- 170
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 179 --:--:-- --:--:-- --:--:-- 179
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 179 --:--:-- --:--:-- --:--:-- 180
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 179 --:--:-- --:--:-- --:--:-- 179
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 176 --:--:-- --:--:-- --:--:-- 176
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 180 --:--:-- --:--:-- --:--:-- 181
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 176 --:--:-- --:--:-- --:--:-- 176
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 174 --:--:-- --:--:-- --:--:-- 174
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 172 --:--:-- --:--:-- --:--:-- 171
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 173 --:--:-- --:--:-- --:--:-- 174
Attempting to create user - : % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
100 42 0 0 100 42 0 157 --:--:-- --:--:-- --:--:-- 157
The following users could not be created:
[]
Kyles-MacBook-Pro:~ Kyle$

Read My Blog: https://www.ericsontech.com

talkingmoose
Moderator
Moderator

@kericson, hmmm... Only the first line of your output actually indicates you have a user in your list. The rest of the output is blank.

How did you create your CSV file? Do you have more than one user listed? And does the last entry have a blank return after it?

KyleEricson
Valued Contributor II

@talkingmoose I did have blank items, but them removed them so I only had the test user in one line of data.

Read My Blog: https://www.ericsontech.com

talkingmoose
Moderator
Moderator

@kericson, so far, nothing is indicating you're receiving an error.

Make sure you're not confusing Users with Settings > System Settings > Jamf Pro Users & Groups. The script is for creating records under Users only.

You can also add this anywhere in your curl command on line 85 of the script to output the HTTP status code:

--write-out "%{http_code}"

On line 86 you can add this to echo the status code:

resultStatus=${result: -3}
echo "$resultStatus"

Result should be one of these status codes:

200 Request successful
201 Request to create or update object successful
400 Bad request
401 Authentication failed
403 Invalid permissions
404 Object/resource not found
409 Conflict
500 Internal server error

Maybe this will give some indication as to what's happening.

KyleEricson
Valued Contributor II

What happens when I have the csv with only one user it will run the script forever at least 5 mins and no users created. Shouldn’t this be instant?

Read My Blog: https://www.ericsontech.com

talkingmoose
Moderator
Moderator

@kericson, I would expect the script to run very quickly, but without knowing any of the output from running the script itself, I don't have any idea why you're seeing this behavior.

eskillings
New Contributor

I had to change the script and remove :8443 in the url under the #construct the XML portion to get this to work with our jamfcloud.com instance

danovalo
New Contributor

@eskillings I had to do the same thing to get mine going. Thanks for this

erwinm
New Contributor II

If you need to add FullName with the script, add fullname inside the While loop and apidata. And of course add the fullname on 3rd column on your csv.

while read name do counter=$[$counter+1] line=echo "$data" | head -n $counter | tail -n 1 user=echo "$line" | awk -F , '{print $1}' email=echo "$line" | awk -F , '{print $2}' fullname=echo "$line" | awk -F , '{print $3}' echo "Attempting to create user - $user : $email : $fullname" #Construct the XML apiData="<user><name>${user}</name><email>${email}</email><full_name>${fullname}</full_name></user>"

cschneer
New Contributor

Hey guys, I'm getting a syntax error, please help. My CSV headers are username and email address.

syntax error near unexpected token `<'
apiData="<user><name>${user}</name><email>${email}</email></user>"'