Jamf Nation Community

Greetings all.

Deployment of iOS devices came up a few weeks ago and, as usual when that subject is mentioned, I groaned loudly.

Last week I deployed another large batch of these devices and I once again began fuming at the tedium of the whole process. Especially report generation and the initial process of getting them onto our wireless network.

As I mentioned once before, we use a combination of WPA2 and MAC whitelist to gatekeep our wireless -- so even after deploying a profile to our iThings, I still have to generate a list of all MAC addresses to import into the accepted device list before I can even get them on the network.

I hate, hate, hate copying those MAC's from ICU to my csv import. Hate it. It ruins my whole zen thing every time. Especially when I'm kicking out more than a small handful.

So, I finally decided to do something about it.

To begin with, ICU handles each device as an individual record. This record is saved as an xml file in ~/Library/MobileDevice/Devices using a naming convention that was clearly designed to drive me insane all Lovecraft style. (i.e. a935d360ecd164c7a30ad5144c5beb2f743faff2) These xml files are roughly 2400 odd lines of text and in somewhere therein lies the actual information needed.

I installed ICU on a test box, hooked up an iPod and wrote a device record. Then I searched for the MAC address in that record and mapped out its location.

The information specifically regarding the hardware looks like this:

<key>deviceActivationState</key>
<string>Activated</string>
<key>deviceBluetoothMACAddress</key>
<string>xx:xx:xx:xx:xx:xx</string>
<key>deviceBuildVersion</key>
<string>8B117</string>
<key>deviceCapacityKey</key>
<integer>31436480512</integer>
<key>deviceClass</key>
<string>iPod</string>
<key>deviceIdentifier</key>
<string>xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</string>
<key>deviceLastConnected</key>
<date>2010-12-24T03:46:52Z</date>
<key>deviceName</key>
<string>iOS4_Test</string>
<key>deviceProductVersion</key>
<string>4.1</string>
<key>deviceSerialNumber</key>
<string>xxxxxxxxxxx</string>
<key>deviceType</key>
<string>iPod3,1</string>
<key>deviceWiFiMACAddress</key>
<string>xx:xx:xx:xx:xx:xx</string>
<key>provisioningProfiles</key>
<array/>

I considered what additional info I wanted/needed (specifically: name, product version, serial #, device type and WiFi MAC) and prepared a quick and dirty grep | sed > foo to handle the rest:

grep -r -i -B8 -A1 -h deviceWiFi ~/Library/MobileDevice/ | sed 's/<string>/ /g' | sed 's/<key>/ /g' | sed 's/</string>/ /g' | sed 's/</key>/ /g' | sed 's/deviceName /Device Name /g' | cut -d= -f2 > iOSMACReport.txt

This will search all the device records in ~/Library/MobileDevices and kick out a text file on your desktop the looks like this.

Device Name
iOS4_Test
deviceProductVersion
4.1
deviceSerialNumber
xxxxxxxxxxx
deviceType
iPod3,1
deviceWiFiMACAddress
xx:xx:xx:xx:xx:xx
--

If you've got a lot of devices, you'll have a very long text file.

This is great for my record keeping, but it still leaves a crap load of copying for that MAC list. So:

grep -i '[0-9A-F]{2}(:[0-9A-F]{2}){5}' ~/Desktop/iOSMACReport.txt | awk '{print $1}' > ImportMAC.txt

The output of which gives me just a list of only WiFI MAC addresses.

Finally, I lightly tossed the two in bash script and enjoyed the results with a glass of bourbon as my angst washed away. There's obvious room for refinement (as well as plenty of options to flesh out), but this hopefully will keep the insanity at bay a little longer.

Apologies if I went into too many details, I just figured that if anyone wanted a quick and dirty fix to the process, I'd offer it up as a whole.

Happy New Year, folks.

thom