PreStage Enrollment Heaven

schradera
New Contributor III

Hey everyone! Thanks for taking the time to read this. I've been looking at lot of the JAMF discussions and man pages and other materials, trying to find a way to compile them into something that works for my environment. We are using DEP and have PreStage Enrollments setup to install the JSS binary. So to enroll them I only have to power them on. The ultimate goal for me to walk away at this point assured that SmartGroups and Policy will take over. Trouble is that SmartGroups and Policy's are based on the naming convention for the devices in our school (Room#-D##). Multiple users will be using these so a device named after a user is not ideal. I was looking into renaming the computers based on the serial number but I can't quite seem to get the code right.

I am working with JAMF 9.96 (I'll be upgrading to JAMF Pro over the summer)
JSS is on a MacPro running 10.11.6 (will also be upgraded over the summer)
End devices are running 10.12.3 (will be upgraded over the summer)

1 ACCEPTED SOLUTION

lynnaj
New Contributor III

Here is the part of my script that does the DNS reverse name lookup and sets the computer name to what is registered in our DHCP servers. For this to work, I first add the ethernet hardware address of all of my macs to our DHCP registry so that they get a preferred IP address which is assigned to a registered unique computer name. The network team here has a web form I can use to add macs one at a time or, if I need them to, they can parse a list of ethernet hardware addresses and associated names. I'm blessed to have such great support from our network team!

Anyway - here's the script snippet in case it helps someone else ... you'll need to copy this into a real script for it to work properly.

# Set the computer name to what it is in our DNS servers with a reverse
# name lookup on the IP address and trim the result to just the hostname
this_ip=$(ifconfig en0 | grep 'inet ' | grep -v '127.0.0.1' | awk '{ print $2}')
this_host=$(nslookup $this_ip|grep "name ="|sed 's/^.*name = //'| sed '$s/.$//')
this_name=${this_host%.williams.edu}

systemsetup -setcomputername $this_name
scutil --set ComputerName $this_name
scutil --set HostName $this_name
scutil --set LocalHostName $this_name
echo " ------- End computer rename"

# example of something you can do with predictable computer names that are set correctly
# determine if this is a lectern mac and change the desktop background accordingly
if [[ $this_name == *"-mac" ]]; then
  echo " ------- Detected lectern mac, changing desktop background ... at: $(date) "
  cp /Library/Application Support/Williams/DeskBackground/desklec.jpg /Library/Application Support/Williams/DeskBackground/deskback.jpg
fi

I included at the end an example of another part of the script where I change the deaktop background based on the predictable computer name. All my "lectern" macs - those macs attached to classroom projection systems - have their computer name end with "-mac". Therefore, I can use that to change the desktop background from the general lab image to the one for lecterns that gives very specific instructions and phone numbers for the classroom support team.

Anyway - hope it helps someone.

View solution in original post

11 REPLIES 11

duffcalifornia
Contributor

What I would do is set a smart group to all computers that are enrolled via PreStage enrollment and have them run this script with an enrollment complete trigger:

!/bin/bash

jamf setComputerName -useSerialNumber
jamf recon

schradera
New Contributor III

Thanks for the response!

Trouble is, that doesn't get me to the desired outcome. The naming convention of the school is similar to this Room#-D##. All the smart groups and policies are based off that. Got anything for that?

seann
Contributor

You could always put the list of names and serial numbers into the script, grab the serial number for the device, then set the name based on the match (assuming serials have been assigned names prior to enrollment). Or, you can even host the list on a site, curl it, and grep/match within the file.

lynnaj
New Contributor III

My computers also use a naming convention of something like "building-room-xx". In my case I register all my ethernet addresses in our DHCP servers with this naming convention before connecting them to the network. Then, on enrollment, I run a script to collect the assigned IP address of the mac and do a reverse name lookup to set the computer name. The script does a bunch of other things like install my site-specific JAMF enrollment package as well as join the macs to our AD.

If that sounds like something which will work for you let me know and I'll post the relevant portions of my script.

schradera
New Contributor III

Seann,

You lost me a little bit there. Would you mind finding another or more detailed way of explaining that?

lynnaj,

I am not married to any one specific way to do things. So your solution sounds like it will work just fine. I would be very appreciative of any portion of the script you'd be willing to share. I am curious though. I don't do a lot of work in DHCP. Did you have to manually enter in all of the MAC addresses OR are you able to upload a csv or a list in some other format?

lynnaj
New Contributor III

Here is the part of my script that does the DNS reverse name lookup and sets the computer name to what is registered in our DHCP servers. For this to work, I first add the ethernet hardware address of all of my macs to our DHCP registry so that they get a preferred IP address which is assigned to a registered unique computer name. The network team here has a web form I can use to add macs one at a time or, if I need them to, they can parse a list of ethernet hardware addresses and associated names. I'm blessed to have such great support from our network team!

Anyway - here's the script snippet in case it helps someone else ... you'll need to copy this into a real script for it to work properly.

# Set the computer name to what it is in our DNS servers with a reverse
# name lookup on the IP address and trim the result to just the hostname
this_ip=$(ifconfig en0 | grep 'inet ' | grep -v '127.0.0.1' | awk '{ print $2}')
this_host=$(nslookup $this_ip|grep "name ="|sed 's/^.*name = //'| sed '$s/.$//')
this_name=${this_host%.williams.edu}

systemsetup -setcomputername $this_name
scutil --set ComputerName $this_name
scutil --set HostName $this_name
scutil --set LocalHostName $this_name
echo " ------- End computer rename"

# example of something you can do with predictable computer names that are set correctly
# determine if this is a lectern mac and change the desktop background accordingly
if [[ $this_name == *"-mac" ]]; then
  echo " ------- Detected lectern mac, changing desktop background ... at: $(date) "
  cp /Library/Application Support/Williams/DeskBackground/desklec.jpg /Library/Application Support/Williams/DeskBackground/deskback.jpg
fi

I included at the end an example of another part of the script where I change the deaktop background based on the predictable computer name. All my "lectern" macs - those macs attached to classroom projection systems - have their computer name end with "-mac". Therefore, I can use that to change the desktop background from the general lab image to the one for lecterns that gives very specific instructions and phone numbers for the classroom support team.

Anyway - hope it helps someone.

schradera
New Contributor III

Thank you for posting that! That is very helpful. To test this I changed the name of a computer and ran the script line by line and got the desired result. So for computers that are already set up, that's a pretty neat tool.

The trouble seems to be that once we unbox and power on an iMac that isn't set up, the iMac grabs the reserved IP address and the reservation name is over written by the current computer name(at this point the computer is named iMac).

Do I have a step out of order OR can you tell me how you and yours have overcome this?

sjmosher
New Contributor II

I used to use a CSV file which was updated by a web script which, when the script was executed, would pull down a local copy of the file from the server, read through it/clean up, then match a name to a serial number and rename the system from that. Please ignore the miscellaneous echo statements as this was from a script run through the terminal. /Volumes/IT/Deploy/Cfg would naturally be whatever tmp dir you specify. The CSV file had headers of 'ser' (serial) and 'loc' (local name). The benefit to this is you only have to make sure the CSV file has the serial number and desired system name prior to the script being run. Hope this helps!

# Strip any 
 values from the CSV after loop
sed -i '' $'s/
$//' /Volumes/IT/Deploy/Cfg/names.csv

# Start remane process
echo "Starting Computer Rename..."
echo ""

# Get serial from ioreg
serial="$(ioreg -l | grep IOPlatformSerialNumber | sed -e 's/.*"(.*)"/1/')" 

# Initialize compName to null
compName=''

# Loop through CSV looking for a match
while IFS=',' read ser loc; do
  if [ "$serial" == "$ser" ]; then
    compName=$loc
    echo "Serial number matched with computer name: $compName"
  fi
done < /Volumes/IT/Deploy/Cfg/names.csv

# If compName is not null, use scutil to rename. Otherwise user must manually rename
if [[ -z $compName ]]; then
  echo "No computer name matches the serial number of your system. Either manually rename the system or update names.csv and re-run the script."
  exit 1

  else
  echo "Setting Host Name to $compName"
  scutil --set HostName "$compName"

  echo "Setting Computer Name to $compName"
  scutil --set ComputerName $compName

  echo "Setting Local Host Name to $compName"
  scutil --set LocalHostName "$compName"

  echo "Computer Renamed Successfully!"
fi

georgecm12
Contributor III

@sjmosher Thank you, thank you, thank you! That code is working beautifully in my "at enroll" script!

sjmosher
New Contributor II

@georgecm12 Glad to help!

schradera
New Contributor III

Thank you for all your responses and help. It really saved me a lot of time!