MDM Capable users script

bizops
New Contributor II

Hi,

I need a smart group so I can see any devices that are missing an MDM Capable user. Support provided a script but I didn't want to store credentials in it. So I created a policy with the script and pulls in the creds as parameters but now I'm stuck at using the API to update JAMF.

I've created an EA called MDM Capable User with an input type of text field. I want to add the result of the query into this field.

My script so far looks like this. Not used the API before and don't have strong scripting skills so appreciate some pointers! The PUT command is something I copied, not sure if it's in the right place and not sure what I need to change.

Any help appreciated!

#!/bin/bash

# EA to find the names of the MDM capable users on this device

# Set variables here
udid=$( ioreg -rd1 -c IOPlatformExpertDevice | awk '/IOPlatformUUID/ { split($0, line, """); printf("%s
", line[4]); }' )
jssurl=`/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url`
apiuser="$4"
apipass="$5"

# Retrieve the computer record data from the JSS API.
# Use xpath to scope for the particular xml section we want. Dump all error to /dev/null because xpath doesn't output cleanly.
# sed to remove the xml tags leaving either the data we want, or nothing.
user=$( curl -k -H "Accept: application/xml" -s -u ${apiuser}:${apipass} -X GET ${jssurl}JSSResource/computers/udid/${udid} | xpath //general/mdm_capable_users 2> /dev/null | sed -e 's/<mdm_capable_users>//;s/</mdm_capable_users>//;s/<mdm_capable_users />//' )

# Report back as either a name or as unlisted
if [ "$user" = "" ];
then
        echo "<result>Missing</result>"
else
        echo "<result>$user</result>"
fi

(curl -s -k -u "${apiuser}:${apipass}" -H "Content-Type: application/xml" -X "PUT" -d "@${xmlFile}" "${jssServer}/JSSResource/computers/id/${computerID}")

# Finished!
exit 0

The original script provided was

#!/bin/bash

# EA to find the names of the MDM capable users on this device

# Set variables here
udid=$( ioreg -rd1 -c IOPlatformExpertDevice | awk '/IOPlatformUUID/ { split($0, line, """); printf("%s
", line[4]); }' )
jssurl=`/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url`
apiuser="$4"
apipass="$5"

# Retrieve the computer record data from the JSS API.
# Use xpath to scope for the particular xml section we want. Dump all error to /dev/null because xpath doesn't output cleanly.
# sed to remove the xml tags leaving either the data we want, or nothing.
user=$( curl -k -H "Accept: application/xml" -s -u ${apiuser}:${apipass} ${jssurl}JSSResource/computers/udid/${udid} | xpath //general/mdm_capable_users 2> /dev/null | sed -e 's/<mdm_capable_users>//;s/</mdm_capable_users>//;s/<mdm_capable_users />//' )

# Report back as either a name or as unlisted
if [ "$user" = "" ];
then
        echo "<result>Missing</result>"
else
        echo "<result>$user</result>"
fi

# Finished!
exit 0

Thanks,
Nathan

0 REPLIES 0