Jamf Prestage updating Computer Names

mattmcchesney
New Contributor III

So I have a prestage enrollment set for computers that are already enrolled in Jamf to get a clean install and re-enroll. I would like them to pick up the name they previously had in Jamf. However no matter what I do they seem to revert to the name given to them after the OS is installed (iMac or Macbook) Etc...

Is there a way to prevent this form happening I have a policy that is running as soon as enrollment occurs to change the name to the one listed in Jamf but I can watch the name in Jamf change to the default before that policy gets to run then the name is wrong and the policy updates the name incorrectly. Is there anyway to prevent this?

11 REPLIES 11

sdamiano
Contributor II

Don't allow that policy to run as soon as enrollment occurs. I find that the initial recon a machine does post enrollment will re-write the name of the machine into the JSS.

Allow your first recurring check in to run, then update the computer name and run whatever policy you use to update it.

mattmcchesney
New Contributor III

The policy i have that updates the name has the update inventory check in turned off and only runs Reset Computer Names. Is there a hidden recon that runs post enrollment. If so that will update the computer name in jamf incorrectly which I don't want. I will try what you suggested anyway though just to see what happens.

mattmcchesney
New Contributor III

Even with no policies running at enrollment the name still changes in jamf to be incorrect. Any ideas? I thought that jamf was supposed to match the computer name via mac address is there a setting I am missing. I would like this to be an automatic process so we don't have to rename the machines every time either in jamf or locally. Once its incorrect in jamf then there is nothing for a policy run later to pull from to correct it automatically.

Chris_Hafner
Valued Contributor II

I thought that machines had to be removed from the JSS before a pre-stage would work properly. Perhaps I am missing something here. Are you talking about an automated re-image via Casper Imaging or really a pre-stage? The reason I bring this up is that an automated re-image will use the name in the JSS record. A Prestage should have no computer record/info to pull from, and therefore will need to create a new machine name which is then recorded by the JSS.

Jamf uses the hardware UUID since version 9 rather than a MAC address for machine identification.

Anyways, there's always TugBoat if you've got the inventory naming info somewhere else: https://www.jamf.com/jamf-nation/discussions/23089/jamf-pro-open-source-management-tools-cargo-ship-tugboat

mattmcchesney
New Contributor III

It is a prestage only no imaging. It does work and it pulls its previous room number and department information. But it changes its name to the default. Is that not supposed to work?

Chris_Hafner
Valued Contributor II

ok... I think I'm following. What are you "Pre-Staging"? In my experience, Pre-Stage refers to a specific type of imaging and enrollment process. If you're not laying down and OS and have previously enrolled machines, why pre-stage or re-enroll in the first place? You might have a great reason, but it's got me wonder what I'm missing.

mattmcchesney
New Contributor III

Ok here is the work flow I would want. New out of the box system fresh OS from apple. This process I have a script that prompts for the name and then one that adds it to a room. This in in an education environment and this first presage installs all the default software while the room selection adds all the room specific software for that lab. This process works perfectly.

Every semester or so we refresh these machines. So this work flow we wipe the machines to bare metal and install the OS again fresh from apple or recovery partition. After a computer had gone through the first prestage I move it to this new one. This one it keeps its room assignment and its department information. This actually works for everything but the name of the computer. The computer stays correct in jamf until right after the prestage runs then it gets changed back to iMac or Macbook the OS default and this change is then somehow updated to the JSS. I have a script that runs to change the name back to what it is on the JSS but the name is incorrect before that ever happens. This process would work perfectly if I could get the name to update before it changes it on the JSS. That way the process would be completely automatic and no action would be needed to refresh these machines again the second time.

Chris_Hafner
Valued Contributor II

Fair enough: So the OS is getting laid down and the unit re-enrolled. This is updating the JSS record with the generic name, and that's a bummer. A few thoughts:

• Keep using this process and merely run Tugboat to repopulate the proper names in the JSS (from a pre-existing CSV). These can then be re-propagated to the computer name. That should solve your issue without changing your process, and it's pretty simple.

• Are you SURE that this pre-stage is running (the second one)? I mean, I'm sure you've set up a pre-stage, but a pre-stage isn't supposed to work on computers with existing JSS records. Like... really, not at all. Perhaps the machines autorun data has "Image Automatically" the next time Casper Imaging is run, checked. I don't think that this has anything to do with the naming issue as the name gets wiped along with the OS, but I want to make sure we're understanding everything correctly.

• I get the desire to wipe OS. However, I and everyone else has been forced into trying to avoid this in automated workflows (because all good things got to end right?) I can't say that I've figured it out for my environment yet. I'm EDU, so I've got until September to get this straightened out. I mean, it's trivial to automate the removal of user accounts, user data and the like. Some things may be a bit tricky but do you think it's possible that you can accomplish your desired state without wiping the OS? If you don't wipe the OS then the name will not get reset, and this isn't an issue.

• The last thing: is DEP involved at all. It doesn't sound like it, but I figured we should check.

mattmcchesney
New Contributor III

Hmm interesting thoughts. We are still new to using jamf so no workflows are set in stone yet.

I honestly hadn't considered not wiping the OS but now you mention it that is a possibility a bit more work on my end perhaps but probably a better overall outcome and seeing as we are starting fresh better to start on the right foot than to go back and make the old way work.

Now I have looked at my jamf.log I think your right I had the pocily set it such a way that they where running if the programs didn't exist so it actually fooled me into thinking my prestage was working when it may actually not doing anything.

AVmcclint
Honored Contributor

Here is a script I cobbled together to rename a computer to the serial number. I believe the important part is to have this script run at "Enrollment Complete" before the computer joins active directory. Otherwise you'll have AD entries not matching up with the actual computer name. I've only run the script manually so far and it seems to work, but I have not had a chance to run it during a Prestage enrollment process.

#!/bin/bash
# This script gets the computer's serial number and sets the HostName, LocalHostName, and ComputerName
# so that when it joins active directory, it has a proper name instead of "Someone's MacBook Pro"

SERIAL=`ioreg -l | awk '/IOPlatformSerialNumber/ { print $4;}' | sed 's/"//g'`

#Set New Computer Name
echo $SERIAL
scutil --set HostName $SERIAL
scutil --set LocalHostName $SERIAL
scutil --set ComputerName $SERIAL

echo Rename Successful

chelm
New Contributor III

I was struggling with this and we refuse to use the serial number as a computer name. Additionally, we have no desire to maintain a list of computer names outside of Jamf. I ended up adding an extension attribute called "BuildComputerName" and then creating a script that runs to do the following:

  • run on computer and get serial number
  • use serial and query JSS for the name (stored in a persistent Extension Attribute)
  • flush all DNS info
  • set ComputerName, Hostname, and LocalHostname
  • run a recon
  • then I call a policy to bind the computer
  • run another recon

There are a couple commented out examples of how to get the EA from JSS and you, of course, need to fill in the 3 variables at the top of the script.

#!/bin/sh
####################################################################################################
# NAME
#   JamfRename.sh -- Renames a computer during build to the name that exists in JamfPro
#
# DESCRIPTION
#   This script reads the computerName from JamfPro by querying on Serial Number and then renames 
#   the computer to the computername so the machine can correctly bind during DEP policy deployment 
#
####################################################################################################
#
# HISTORY
#
#   Version: 1.0.2
#
#   - Created by Created by Clarence Helm 11/14/2018
#
####################################################################################################
apiUser=""
apiPass=""
jssBase=""

#get the System Serial Number
serialNumber=$(ioreg -rd1 -c IOPlatformExpertDevice | awk -F'"' '/IOPlatformSerialNumber/{print $4}')
#echo $serialNumber

#Collect JSS info and parse for computer name
response=$(curl $jssBase/JSSResource/computers/serialnumber/"$serialNumber" --user "$apiUser:$apiPass")
#jssName=$(echo $response | xpath '//computer/general' 2>&1 | awk -F'<barcode_2>|</barcode_2>' '{print $2}')
#jssName=$(echo $response | xpath '//computer/general' 2>&1 | awk -F'<name>|</name>' '{print $2}')
jssName=$(echo $response | xpath "//*[id=68]/value/text()")

#echo jssName of $jssName

#rename the computer
if [ -z "$jssName" ]
then
    echo "variable empty" 
else 
    echo "variable not empty"
    echo "jssName of $jssName"
    sudo dscacheutil -flushcache
    sudo killall -INFO mDNSResponder
    sudo killall -HUP mDNSResponder
    scutil --set ComputerName ${jssName}
    scutil --set LocalHostName ${jssName}
    scutil --set HostName ${jssName}
    sleep 10
    sudo /usr/local/jamf/bin/jamf recon -verbose
    sudo /usr/local/jamf/bin/jamf policy -id 1035 -event -verbose
fi

sleep 10
sudo /usr/local/jamf/bin/jamf recon -verbose

exit 0