Lightspeed User Agent Script

egill
New Contributor III

We have recently installed a new Lightspeed Rocket. I have pushed out a new User Agent to all of our Mac's to make sure everything is up-to-date. However, the new user agent doesn't appear to be syncing with the Rocket. There is a script that they say to run in terminal after an install (sudo defaults write useragent IdentServer -string “..."). I'm trying to figure out a way to push this out either through Casper Remote or JSS. It needs to be run as administrator or in root so I put together a basic script and pushed it to a test machine. No matter how I've tried my script fails when pushed out through JSS or Casper Remote. Anyone else had luck with this??

!#/bin/sh
sudo defaults write useragent IdentServer -string "<Rocket IP>"

Full Disclosure: I'm new to Casper and Mac's in general in the last few months haha, Thanks!

13 REPLIES 13

obi-k
Valued Contributor II

Can you screenshot how you setup the policy in your JSS?

egill
New Contributor III

@mvu I have the general information set so that it will install once per computer at startup, login, or check in. I have the script saved via casper admin in the share. Below is the screenshot of the Scripts portion. Thanks for looking at this.

obi-k
Valued Contributor II

Maybe give the Lightspeed community a post? Or submit a ticket with them? Looks like you got all correct.

egill
New Contributor III

Thanks @mvu, I'll give that a try, I appreciate your time and help.

mbuckner
Contributor

We capture the UserAgent and the script via Composer. That command saves the info to /var/root/Library/Preferences/useragent.plist. You could always grab that file and push it out.

Mark

rusty_adams
New Contributor III

You can run that command line under Files and Processes - Execute command from a policy and take out the sudo since Casper runs it as root by default:

defaults write useragent IdentServer -string "xx.xx.xx.xx"

I just built a package from Composer, added that command, and was good to go.

edit to add: I can't find the link just now, but I stumbled upon this in the JAMF forums just a few days ago. Only other thing I can add is make sure you post straight quotes and not "curly" quotes into that command line or you will get an error.

chmeisch
New Contributor III

Here's the thing, that command needs to be run as their user. Otherwise the Rocket will show the SSH user that was used by Casper as the identified person.

I run it as part of my First Run Policy after imaging a computer that runs once per user per login. Works well in my environment.

mbuckner
Contributor

@chmeisch According to lightspeed, though, you run that command with sudo - when you do that it writes it to the root user. I didn't see anything about it needing to be run as their user. Can you give some clarification?

rusty_adams
New Contributor III

I haven't had to do that in my environment. I set mine up as described above (made a package in Composer and added that command to the policy), and have tested with 3 or 4 different AD user accounts on the same machine.

The Rocket is picking up the correct users for me.

Johnny_Kim
Contributor II

Within the policy, I have in "files and process" -> "Execute command"

launchctl load /Library/LaunchDaemons/com.lightspeedsystems.LsUserAgent.plist

MST
Contributor

I have just recently confirmed with them there is an issue on their appliance lightspeed rocket 2.

I have installed just package without any commands as a test to one of machines. Should I use:

launchctl load /Library/LaunchDaemons/com.lightspeedsystems.LsUserAgent.plist in files and process under the package installation?

Thank You,

cscsit
New Contributor III

I'm being told by Lightspeed support that I need to run the command with domain admin rights, is this true? I've installed the agent, ran the terminal command with the correct IP address of the Rocket appliance. The Mac doesn't seem to recognize who is logged in. I'm purposely going to a website I know is blocked and its still showing Unknown user on the top bar of the blocked page instead of my username. It doesn't appear as if the Mac is passing along the Active Directory account information so Lightspeed can assign the correct policy based on who's logged in.

I've attached what the light speed plist file looks like that is created after running the command.

6570f6e473094dab81aabfb64f36c88d

cizdziem
New Contributor III

Hi @cscsit ,

Did you ever find a resolution for this? I've tried just about everything I can think of, and I seem to be having the same results as you. We have a call with Lightspeed scheduled for tomorrow, but I was wondering if you ever found a resolution. If we're able to find a solution tomorrow, I'll try and remember to update this thread.

Thanks!