LogCollection - Account Privileges for upload

bootrec
Contributor

I'm trying to set up and test LogCollection. I created a Jamf user account and want to give it the barest privileges, only what is needed to connect and upload the logs. The only privileges I have configured for this account is create/update Attachment Assignments and create/update File Attachments.

When I run the policy, I get the error "The request requires user authentication". What else do I need to provide this account to be able to connect and upload the log files?

1 ACCEPTED SOLUTION

bootrec
Contributor

Found answer in FAQ https://github.com/kc9wwh/logCollection/wiki/FAQ's

View solution in original post

10 REPLIES 10

bootrec
Contributor

I configured my LogCollection account with full access and I'm still getting the same error. I can read the inventory information successfully by pointing my browser to https://(server).jamfcloud.com/JSSResource/computers/serialnumber/(serial)/subset/general. It seems to fail at the file upload part of the script.

bootrec
Contributor

It works fine if using logCollection.sh, I was trying to use logCollection-encStrings.sh to encrypt the password. Why is that one not working? I'm confused about this command in the script:

jamfProPass=$( echo "$6" | /usr/bin/openssl enc -aes256 -d -a -A -S "$8" -k "$9" )

What is &8 and &9, there are no arguments passed for those.

bootrec
Contributor

Found answer in FAQ https://github.com/kc9wwh/logCollection/wiki/FAQ's

gachowski
Valued Contributor III

@bootrec  Thanks that saved me alot of time  : ) 

smkarthickraja
New Contributor II

Can someone please help me with the exact Jamf user permissions ?

tdenton
Contributor II

@bootrec 

What did you do get this working im using  logCollection-encStrings.sh 

They talk about swapping out this line
jamfProPass=$( echo "$6" | /usr/bin/openssl enc -aes256 -d -a -A -S "$8" -k "$9" )

for this one 
jamfProPass=$( echo "$6" | /usr/bin/openssl enc -aes256 -md md5 -d -a -A -S "$8" -k "$9" )

Im confused were $8 and $9 come from as you dont declare them 



 

I use the logCollection.sh script, not the logCollection-encStrings.sh version. 

tdenton
Contributor II

@bootrec Have tried both currently using logCollection.sh get this output 

Script exit code: 0

Script result:   adding: Library/Management/super/logs/super.log (deflated 81%)

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100   422  100   422    0     0   3480      0 --:--:-- --:--:-- --:--:--  3487

 

mismatched tag at line 10, column 2, byte 404:

<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>

Please continue your visit at our <a href="/">home page</a>.

</p>

=^

</body>

</html>

at /System/Library/Perl/Extras/5.34/darwin-thread-multi-2level/XML/Parser.pm line 187.

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100  2490  100   422  100  2068   4161  20395 --:--:-- --:--:-- --:--:-- 24653

<html>

<head>

<title>Status page</title>

</head>

<body style="font-family: sans-serif;">

<p style="font-size: 1.2em;font-weight: bold;margin: 1em 0px;">Unauthorized</p>

<p>The request requires user authentication</p>

<p>You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">here</a>.<br>

Please continue your visit at our <a href="/">home page</a>.

</p>

</body>

</html>

tdenton
Contributor II

Never mind @jbooth  using the updated version whichs support bearerToken seems to work

https://github.com/kc9wwh/logCollection/blob/02a9ab55acbd472cf19fcb28ce5c38bc6c164455/logCollection....