I'm pretty new to using the API; so far only able to use MUT to do anything useful there.
Situation: we have a piled-up group of Macs needing to be decommissioned/destroyed for audit compliance. And our Jamf renewal is coming due so I want to get all those deleted from our JSS to give an accurate estimate of license needs.
What I've tried: We created a .csv with the serial numbers of all those old Macs. Strategy was to use MUT to create a static group upon which I could then run a Delete action.
What happened: It turned out that most of those serial numbers are not found in the JSS so the MUT update runs all fail, but with no more detailed error reporting than "could not match", so I've mostly ended up sieving down to running these numbers one at a time, very tedious.
Ask: is there a way to write a PUT command manually, to run against that .csv, that will add all the numbers to the static group that still exist in the JSS and spit out the ones that aren't? Thanks to the true Jedi Masters of Jamf API!
PUT command with error reporting?
+6+4Did you check this info?
https://www.jamf.com/jamf-nation/discussions/31186/how-to-delete-computer-record-from-terminal
+6That's how I figure (a) it's possible, and (b) I need help. There's nothing in the API index for Static Computer Groups. But I know they can be addressed, since MUT is doing it.
+11@PhilS
If you are planning to delete the Macs once in that static group you could save yourself the trouble and delete them straight away.
All depends on how you want to do this, loads of options.
I've put this script as a template, if works for you.
1) JAMF details
Our instance is on-prem.
2) checkCredentials function
You may have/want to have an _API account in Jamf, there is a check for it if not just comment it out.
3) move to static group option function
staticGroupID info required
4) delete option function
comment out the parts you don't want.
5) serialNumbers is an array to make the process simpler.
Also if you want a "report" output for each call change the requestOutputFile to suit your needs.
What we are focusing here is the API response codes (200, 201, 404, 409, 500)
#!/bin/bash
toolVersion="0.0.1"
##########################################################################################
#
# Author: <> 2021
#
# change log:
# created: 2021-05-12
##########################################################################################
# JAMF details
jamfServerAddress='https://<jamf server address>:8443/JSSResource'
jamfAdminName=''
jamfAdminPassword=''
staticGroupID=''
# List of serial numbers
serialNumbers=( )
#########################################################################################
#
# FUNCTIONS
#
#########################################################################################
printHeader() {
echo ""
echo "•••••••••••••••••• Process Macs via serial number: $toolVersion ••••••••••••••••••"
}
printFooter() {
echo "•••••••••••••••••••••••••• Finished ••••••••••••••••••••••••••••••"
}
moveStaticComputerGroup() {
requestOutputFile='/dev/null'
# or output to a file
# requestOutputFile="/tmp/${1}.txt"
policyData="<computer_group><computer_additions><computer><serial_number>$1</serial_number></computer></computer_additions></computer_group>"
putOutput=$(/usr/bin/curl --write-out '%{http_code}' --output "$requestOutputFile" --silent "$jamfServerAddress/computergroups/id/$staticGroupID" --user "$jamfAdminName:$jamfAdminPassword" --header "Content-Type: text/xml" --request PUT --data-raw "$policyData")
if [ $putOutput -eq 201 ]; then
echo "SUCCESS"
else
echo "FAIL: ($putOutput)"
# 409 Error: Unable to match computer
fi
}
deleteComputer() {
requestOutputFile='/dev/null'
# or output to a file
# requestOutputFile="/tmp/${1}.txt"
putOutput=$(/usr/bin/curl --write-out '%{http_code}' --output "$requestOutputFile" --silent "$jamfServerAddress/computers/serialnumber/$1" --user "$jamfAdminName:$jamfAdminPassword" --header "Content-Type: text/xml" --request DELETE)
if [ $putOutput -eq 200 ]; then
echo "SUCCESS"
else
echo "FAIL: ($putOutput)"
# 404 is not found...
fi
}
checkCredentials() {
echo "Checking credentials..."
testCredentials=$(/usr/bin/curl --write-out %{http_code} --retry 3 --silent --output /dev/null --user "${1}:${2}" "$jamfServerAddress/accounts")
echo "Account status: $testCredentials"
if [[ "$testCredentials" -eq 200 ]]; then
echo "Credentials: Valid"
else
echo "ERROR: Wrong user name or password in Jamf. ($testCredentials)"
printFooter
exit 1
fi
}
#########################################################################################
#
# SCRIPT
#
#########################################################################################
printHeader
checkCredentials "$jamfAdminName" "$jamfAdminPassword"
for thisSerial in "${serialNumbers[@]}"
do
echo "Processing Mac serial number: $thisSerial"
## move to the static computer group
moveStaticComputerGroup "$thisSerial"
## or can delete straight away
# deleteComputer "$thisSerial"
done
printFooter
exit 0I hope this can help you.
Regards.
Reply
Most helpful members this week
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.