Outset - Jamf helper script
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 04:24 AM
So I started to use outset for 1st time login script. I have made a jamfhelper script that I have packaged
So when logging in the jamf helper script appears, so outset does the job - but when I then click on the "ok" button in that should trigger a policy nothing happens
If I run it direct in jamf it works fine, so guess the reason must be something with they way the script is executed?
I also added it to the previliged-once in outset, but there the jamf helper script does not even appear.
Any has some idea ? - or maybe other way I could do ?.
![sdagley sdagley](https://community.jamf.com/legacyfs/online/avatars/2b9f79b51d084c79a58cba67a9beac9a.png)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 05:13 AM
@jameson If you're calling the Jamf binary to trigger a policy you have to be running as root, and if you're running something triggered via a LaunchAgent you'll only have user permissions. If you can re-build your script as something triggered via a LaunchDaemon you'll be running as root and can trigger a policy with the Jamf binary.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 06:00 AM
Well I guess in outset there is something called login-privileged-once that is run as root - or do I misunderstand?. However, nothing is executed when I run the jamfhelper script and nothing even appears
![sdagley sdagley](https://community.jamf.com/legacyfs/online/avatars/2b9f79b51d084c79a58cba67a9beac9a.png)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 06:24 AM
@jameson If your script is in /usr/local/outset/login-privileged-once/ then yes, it looks like it should be run as root by Outset. Can you post your script here for review? (Please be sure to use the code block tag which is a ``` before and after your script so it displays correctly)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 06:43 AM
#!/bin/bash
## Set the variables
JamfHelper="/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper"
icon_folder="/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/SharedSupport/Microsoft Error Reporting.app/Contents/Resources/office_threshold_arrow.icns"
icon_size=150
## PREP MESSAGE
afplay --volume 10 /System/Library/Components/CoreAudio.component/Contents/SharedSupport/SystemSounds/system/payment_success.aif
title="Information "
heading="One step left, before you can get access to your email"
descrip="You will need to register the mac in the company portal, before email access will work.
When you Click 'OK' below the Company Portal will show up.
It will ask for sign in two times and keychain will also popup and ask for password. When Keychain popup appear type password and click 'always allow'.
Click ‘OK’ to register the mac now"
## Displaying Notification Window (JAMFHelper)
RESULT=$("$JamfHelper" -startlaunchd -windowType utility -title "$title" -heading "$heading" -description "$descrip" -button1 "OK" lockHUD -icon "$icon_folder" -iconSize "$icon_size")
if [ $RESULT == 0 ]; then
/usr/local/jamf/bin policy -trigger new19
elif [ $RESULT == 2 ]; then
exit 0
fi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 07:00 AM
It is placed in login-privileged-once but nothing happens. If I place exact same script in login-once it pops up
![sdagley sdagley](https://community.jamf.com/legacyfs/online/avatars/2b9f79b51d084c79a58cba67a9beac9a.png)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 09:42 AM
@jameson A couple of things look wrong for your call to jamfHelper: -startlaunchd
isn't needed, and lockHUD
should be -lockHUD
but you're not using a HUD windowType is so it's not appropriate. I can't say that's your problem, but try fixing those and see what happens.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 01:33 PM
The same script works fine in login-once, so if it where script error it would not work anywhere I guess
![sdagley sdagley](https://community.jamf.com/legacyfs/online/avatars/2b9f79b51d084c79a58cba67a9beac9a.png)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2020 01:43 PM
One is running in user context, the other is running in the root context. The behavior is different between the two as you have discovered the hard way.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-25-2020 05:40 AM
So tried a complete new installation on a new mac (not a VM) and now the jamf helper script is popping up in login-previleged. BUT - when I click OK nothing happens
If I do a terminal and do sudo and run the script file stored in login-previleged folder, it works
So something must be different ?!?
![](/skins/images/2158B5CD26EFE470CCCABEF5ED844A7A/responsive_peak/images/icon_anonymous_message.png)