Jamf Nation Community

tomt · ‎12-01-2020

Hi All,

We have a security policy to send a remote lock to machines that have not checked-in for a certain period of time. I'm trying to figure out a way to create a Smart Group using the status of the Remote Lock command.

Obviously, these machines are offline so the command will be sitting in a pending state until they finally come back online. I'd like to create an easy way to search for any machine that has had the command sent to it, even if it has not actually been received yet. This means using some type of server-side value as opposed to a standard EA as the definition.

Does anyone have any ideas?

sgiesbrecht · ‎02-01-2021

@tomt what are the settings for your security policy to remote lock?

tomt · ‎02-01-2021

@sgiesbrecht Hi, I should have been more clear, we have a company security directive to lock machines that have not checked in. The Jamf process is still a manual one.

TomT

sgiesbrecht · ‎02-01-2021

@tomt ah, ok. Thx. back to the drawing board for me

mm2270 · ‎02-01-2021

Would the API be of help here? There is a /computercommands resource URL. More specifically it looks like you can do a 'GET' on specific commands with /computercommands/name/{name} meaning you could put in DeviceLock for the command to filter for. The output contains things like the JSS ID, Serial Number and UUID strings of the Macs, as well as the APNs results and dates, etc.

Edit: Ok, except the above won't help you actually build a Smart Group, so, yeah, never mind me. Though frankly I don't think what you're after is possible. Smart Groups are inherently based on computer information and if the computers aren't checking in, creating a Smart Group for them is going to be impossible it seems.

tomt · ‎02-01-2021

Thanks @mm2270 that could definitely get me the info I'm looking for! Now to find time to play with the API. LOL

Jamf Nation Community

MacOS Smart Group based on Remote Lock Command status