Jamf Nation Community

Alvaro1337 · ‎05-20-2024

Hi Jamf Nation Team,

Is there an automatic way to move the inactive Macs from one production site to another? We have identified the Macs that need to be moved to the inactive site, but can we move them automatically when they reach the "inactive" status?

Alvaro Ortiz

stevewood · ‎05-20-2024

I assume by "inactive" you are using some criteria like "Last Check-In more than 90 days" or something similar. And by "move site" you mean moving from a Site within Jamf Pro. There is no native way in Jamf Pro to automatically change the site of a computer. You can use a Smart Group to capture the devices that have no recent check-ins, but there is no way to automatically move them. You can use the Action button, as I am sure you are already doing, to bulk move all of the devices into a different site.

To do this automatically you would probably want to use a webhook and a webhook receiver like JAWA or Zapier to trigger an API call to move the devices. I am sure there are other automation tools besides Zapier that you could use (you can use a Lambda in AWS to do this as well).

Alvaro1337 · ‎05-24-2024

Thanks for the suggestion, ill try those...

Alvaro Ortiz

howie_isaacks · ‎05-28-2024

I wrote a script recently that assigns Macs to a specific site. The criteria I used for the policy was the country where the computer is located. When they fall into the smart group for "US" for example, they get assigned to our "US" site. You may be able to modify this to do what you need to do. Here's the script.

#!/bin/zsh

###########################
# Assigns a Mac to a specific site. 
# Use Jamf parameter 4 for site ID.
# Use Jamf parameter 5 for site name.
# Under API Login, specify your Jamf URL, API username and password.
#
# 4/10/24 | Howie Isaacks
###########################


# API login
jamfProURL="https://YourServer.jamfcloud.com"
username="API_User"
password="SuperDuperSecretPassword"

# Computer serial number
serialNumber=$(system_profiler SPHardwareDataType | grep Serial | /usr/bin/awk '{ print $4 }')

# Request auth token
authToken=$( /usr/bin/curl \
--request POST \
--silent \
--url "$jamfProURL/api/v1/auth/token" \
--user "$username:$password" )

# Parse auth token
token=$( /usr/bin/plutil \
-extract token raw - <<< "$authToken" )

tokenExpiration=$( /usr/bin/plutil \
-extract expires raw - <<< "$authToken" )

localTokenExpirationEpoch=$( TZ=GMT /bin/date -j \
-f "%Y-%m-%dT%T" "$tokenExpiration" \
+"%s" 2> /dev/null )

# Site variables
site_id="$4"
site_name="$5"
site_xml="/private/tmp/site.xml"

# Function - Create site XML file
function siteXML() {
	echo "Writing site assignment XML to /private/tmp/site.xml"
	tee "$site_xml" << EOF
<computer>
	<general>
		<site>
			<id>$site_id</id>
			<name>$site_name</name>
		</site>
	</general>
</computer>
EOF
}

# Determine Jamf Pro device id
echo "Getting the Jamf Pro device ID..."
deviceID=$(curl -s -H "Accept: text/xml" -H "Authorization: Bearer ${token}" ${jamfProURL}/JSSResource/computers/serialnumber/"$serialNumber" | xmllint --xpath '/computer/general/id/text()' -)

echo "Device ID: $deviceID"

# Create the site XML file - run the function
siteXML 

# Assign Mac to the site.
echo "Assigning Mac to "$site_name" site."
curl -sfk -H "Accept: text/xml" -H "Authorization: Bearer ${token}" "${jamfProURL}/JSSResource/computers/id/${deviceID}" -T "$site_xml" -X PUT

# Remove the site XML file
echo "Removing the site XML file from /private/tmp."
rm "$site_xml"

I'm very late to working with the Jamf API. This was my first script to use the API. It has worked every time it has been used. It runs right after enrollment to assign Macs to the appropriate site. We have Jamf admins in several countries who can only see the Macs in their assigned sites. This has been very useful.

Alvaro1337 · ‎05-28-2024

Thank you Howie, ill test your script, seems that is what I'm looking for...

Alvaro Ortiz

howie_isaacks · ‎05-28-2024

When I get time, I may try modifying it to allow you to use a text file to feed the device IDs to the script to assign them to a site. This script from Rocketman has that option for running the Jamf management framework to re-enroll Macs. https://github.com/Rocketman-Tech/Jamf-Self-Healing/blob/main/Jamf%20Self%20Healing%20-%20Manual%20R...

Jamf Nation Community

Move from Site - 30 Day Inactive Macs