Help

naming computers running into root issues and more

the_cececollins
New Contributor

Posted on ‎08-02-2019 01:43 AM

Goal: Name computers using logged in user's full name model asset tag.

Issue:
1. Script below works perfectly when ran outside of Jamf policy (using terminal or CodeRunner). As soon as I run it from Self Service or triggered, the Full Name of the user account defaults to CVMS Root System Administrator.

finger $(whoami) | egrep -o 'Name: [a-zA-Z0-9 ]{1,}' | cut -d ':' -f 2 | xargs echo

Theory: I believe the whoami string is adjusting to the "Root Admin" account once pushed by Jamf in order to run as root, which makes sense but I'm needing the script to ignore all accounts except for the one user account that is currently signed in.

2. Receive "SCPreferencesSetLocalHostName() failed: Invalid argument" error
3. "There was an error. This application must be run as root. Try the sudo command." I assume this is resolved as soon as the script is ran in Jamf but I'm not 100%.

#!/bin/bash

REALNAME=$(finger $(whoami) | egrep -o 'Name: [a-zA-Z0-9 ]{1,}' | cut -d ':' -f 2 | xargs echo)
MODEL_NAME=$(system_profiler SPHardwareDataType | awk '/Model Name/ {print $3" "$4}')
JSS="https://yourdomain.jamfcloud.com"
API_USER="apiuser"
API_PASS="apipassword"
UUID=$(ioreg -rd1 -c IOPlatformExpertDevice | awk -F'"' '/IOPlatformUUID/{print $4}')
ASSET_TAG_INFO=$(curl -H "Accept: text/xml" -sfku "$API_USER:$API_PASS" "$JSS/JSSResource/computers/udid/$UUID/subset/general" | xmllint --format - 2>/dev/null | awk -F'>|<' '/<asset_tag>/{print $3}')

## Name Changing ##

if [ -n "$ASSET_TAG_INFO" ]; then
    echo "Processing new name for this device..."
    echo "Changing name..."
    scutil --set HostName "$REALNAME $MODEL_NAME - $ASSET_TAG_INFO"
    scutil --set ComputerName "$REALNAME $MODEL_NAME - $ASSET_TAG_INFO"
    scutil --set LocalHostName "$REALNAME $MODEL_NAME - $ASSET_TAG_INFO"
    jamf setComputerName -name "$REALNAME $MODEL_NAME - $ASSET_TAG_INFO"
    dscacheutil -flushcache
    echo "Name change complete: $REALNAME $MODEL_NAME - $ASSET_TAG_INFO"

else
    echo "Asset Tag information was unavailable. Using Serial Number instead."
    echo "Changing name..."
    scutil --set HostName "$REALNAME $MODEL_NAME - $ASSET_TAG_INFO"
    scutil --set ComputerName "$REALNAME $MODEL_NAME - $ASSET_TAG_INFO"
    scutil --set LocalHostName "$REALNAME $MODEL_NAME - $ASSET_TAG_INFO"
    jamf setComputerName -name "$REALNAME $MODEL_NAME - $ASSET_TAG_INFO"
    dscacheutil -flushcache
    echo "Name Change Complete: $REALNAME $MODEL_NAME - $ASSET_TAG_INFO"

fi

## Notification ##

JH=/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper
TITLE="Narrative Science"
ICON="/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/Sync.icns"
ADESC="Natural"


"$JH" -windowType utility -title "$TITLE" -heading "Success!" -description "Computer Name ($REALNAME $MODEL_NAME - $ASSET_TAG_INFO) and Asset Tag ($ASSET_TAG_INFO) has been successfully added to the Jamf computer record." -button1 "Awesome" -icon "$ICON" -alignDescription natural -alignHeading natural
0 Kudos
2 REPLIES 2

joshuasee
Contributor III

Posted on ‎08-02-2019 06:29 AM

The jamf agent runs scripts as root, so whoami is correct when it returns the root user.

The most common way of getting the logged in users name has been by checking ownership of the console device, which changes when someone logs in, though there are other methods and everyone has their favorite. Take your pick:

realname=$(stat -f%Su /dev/console);
realname=$(who | sed -n s/.console.*//p);
realname=$(logname);
realname=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }');
realname=$(/usr/bin/python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");');

I would also note that using jamf setComputerName and scutil together strikes me as a bit redundant. setComputerName covers the same bases and is less temperamental than scutil.

0 Kudos

tuinte
Contributor III

Posted on ‎08-02-2019 07:16 AM 

realname=$(/usr/bin/python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");');

Apple recommends the python grab. The others aren't reliable if fast user switching is enabled and more than one account is logged in.

0 Kudos