Newly Imaged Machines Smart Computer Group

plnick240
New Contributor

Does anybody have any suggestions on how I can create a smart computer group based on enrollment date/time?

What i am trying to do is have a smart group to look at newly imaged machines (within the last 24 hours) so our JSS can run a policy to add icons to the dock like Microsoft Outlook, Microsoft Lync. etc....

1 ACCEPTED SOLUTION

mm2270
Legendary Contributor III

Is it a requirement to only run this on newly imaged Macs? Or could you target any systems that don't have the specified icons in the user's Dock? Its not necessarily easier to do it that way, but I was just wondering.
There isn't anything built in to the Casper Suite that can get you the date a Mac was enrolled with your JSS. It may be included in the upcoming version 9, but not sure.

Luckily you do have a couple of options. Here are just two. I'm sure there are several others:

1 - Create a script that runs during imaging or after reboot that will create a new file tucked away somewhere on the system with the date as its contents (using the 'date' command in a shell script)
Couple the above with an Extension attribute that would read back that file. This will obviously only help going forward, not for anything already imaged and in a user's hands, so this may not be ideal.

2 - Use an Extension Attribute to pick up the creation date on something you know was created brand new at the time of imaging. This isn't actually as simple as it sounds. Its relatively easy to pull creation date in a script, but most files on the system will have creation dates that are older than the image date unless you are literally installing a new OS with each image run, and even then most files and folders will have an older date. Something to think of targeting would be one of the package receipts that get dropped into /Library/Application Support/JAMF/Receipts/ Maybe even a receipt for one of the apps you mentioned.

To get the creation date you can use mdls, which is a command line spotlight tool for reading back metadata.

mdls -name kMDItemFSCreationDate /path/to/file/or/folder

Its even possible the /Library/Application Support/JAMF/Receipts/ directory would give you the enrollment date, but that depends on how your imaging is done and if policies run on the Macs right after enrollment, etc.

mdls -name kMDItemFSCreationDate /Library/Application Support/JAMF/Receipts/ | awk '{print $3,$4}'

That outputs something like 2013-07-12 15:31:10

If the results from the folder itself don't look right, then dig a little deeper and target one of the receipts in that folder instead. There may be other files and folders that would give you reliable results too.

Good luck.

View solution in original post

8 REPLIES 8

mm2270
Legendary Contributor III

Is it a requirement to only run this on newly imaged Macs? Or could you target any systems that don't have the specified icons in the user's Dock? Its not necessarily easier to do it that way, but I was just wondering.
There isn't anything built in to the Casper Suite that can get you the date a Mac was enrolled with your JSS. It may be included in the upcoming version 9, but not sure.

Luckily you do have a couple of options. Here are just two. I'm sure there are several others:

1 - Create a script that runs during imaging or after reboot that will create a new file tucked away somewhere on the system with the date as its contents (using the 'date' command in a shell script)
Couple the above with an Extension attribute that would read back that file. This will obviously only help going forward, not for anything already imaged and in a user's hands, so this may not be ideal.

2 - Use an Extension Attribute to pick up the creation date on something you know was created brand new at the time of imaging. This isn't actually as simple as it sounds. Its relatively easy to pull creation date in a script, but most files on the system will have creation dates that are older than the image date unless you are literally installing a new OS with each image run, and even then most files and folders will have an older date. Something to think of targeting would be one of the package receipts that get dropped into /Library/Application Support/JAMF/Receipts/ Maybe even a receipt for one of the apps you mentioned.

To get the creation date you can use mdls, which is a command line spotlight tool for reading back metadata.

mdls -name kMDItemFSCreationDate /path/to/file/or/folder

Its even possible the /Library/Application Support/JAMF/Receipts/ directory would give you the enrollment date, but that depends on how your imaging is done and if policies run on the Macs right after enrollment, etc.

mdls -name kMDItemFSCreationDate /Library/Application Support/JAMF/Receipts/ | awk '{print $3,$4}'

That outputs something like 2013-07-12 15:31:10

If the results from the folder itself don't look right, then dig a little deeper and target one of the receipts in that folder instead. There may be other files and folders that would give you reliable results too.

Good luck.

dpertschi
Valued Contributor
  1. Set a custom trigger for your policy and then call it with an at reboot script in your imaging configuration.

plnick240
New Contributor

@MM2270 - I prefer the policy to only run on newly imaged Macs. Thank you for the suggestions!! I'll need to explore all of those options and see which one is the best route. Again, thank you!

@dpertschi - That's a good point. Thank you for that suggestion!

I'll report back my final results.

-Nick

stevewood
Honored Contributor II
Honored Contributor II

Option 4 - use dockutil to add the icons during imaging to the user template. This requires adding dockutil to each machine, and will only affect the user template, so you'd have to have another policy set to run after users are migrated, if you are moving user folders to the machine.

jeremy_spolande
New Contributor

We are just starting to use casper for imaging so want to apply policies to new builds but dont want this to update all existing machines so for now am using a new naming convention and targetting a varety of tasks to hit smart groups made up of all macs starting with that naming only.

justinworkman
Contributor

I run a policy at image time that does a 'touch /var/is.imaged' then I have an extension attribute that gives the result of `ls /var | grep is.imaged` which if it has been imaged is 'is.imaged'. Then create a Smart Group based on the results of the EA.

alexjdale
Valued Contributor III

I have a script that is part of my image configuration which takes the current date and writes it to a plist in a sortable format: yyyymmdd. I pull that into an extension attribute as an integer, and then I can use that criteria in a smart group with ">" the date when I want to start applying a change without affecting older systems.

njavier
New Contributor

When I image a machine I name the computer with a "-new" extension (i.e mbp-12345-new), then create a Smart Group with a "Computer Name" under Criteria , "Like" Operator, and "-new" Value. You may then add the Smartgroup with any of your policy. It is simple but it works. You can then rename the computer when it is ready to deploy.