PUT command with error reporting?

PhilS
New Contributor II

I'm pretty new to using the API; so far only able to use MUT to do anything useful there.
Situation: we have a piled-up group of Macs needing to be decommissioned/destroyed for audit compliance. And our Jamf renewal is coming due so I want to get all those deleted from our JSS to give an accurate estimate of license needs.
What I've tried: We created a .csv with the serial numbers of all those old Macs. Strategy was to use MUT to create a static group upon which I could then run a Delete action.
What happened: It turned out that most of those serial numbers are not found in the JSS so the MUT update runs all fail, but with no more detailed error reporting than "could not match", so I've mostly ended up sieving down to running these numbers one at a time, very tedious.
Ask: is there a way to write a PUT command manually, to run against that .csv, that will add all the numbers to the static group that still exist in the JSS and spit out the ones that aren't? Thanks to the true Jedi Masters of Jamf API!

3 REPLIES 3

Macintosh_HD
New Contributor

Did you check this info?
https://www.jamf.com/jamf-nation/discussions/31186/how-to-delete-computer-record-from-terminal

PhilS
New Contributor II

That's how I figure (a) it's possible, and (b) I need help. There's nothing in the API index for Static Computer Groups. But I know they can be addressed, since MUT is doing it.

Mauricio
Contributor II

@PhilS If you are planning to delete the Macs once in that static group you could save yourself the trouble and delete them straight away.
All depends on how you want to do this, loads of options.
I've put this script as a template, if works for you.

1) JAMF details
Our instance is on-prem.

2) checkCredentials function
You may have/want to have an _API account in Jamf, there is a check for it if not just comment it out.

3) move to static group option function
staticGroupID info required

4) delete option function

comment out the parts you don't want.

5) serialNumbers is an array to make the process simpler.

Also if you want a "report" output for each call change the requestOutputFile to suit your needs.
What we are focusing here is the API response codes (200, 201, 404, 409, 500)

#!/bin/bash

toolVersion="0.0.1"
##########################################################################################
#
# Author: <> 2021
#
# change log:
# created: 2021-05-12

##########################################################################################

# JAMF details
jamfServerAddress='https://<jamf server address>:8443/JSSResource'
jamfAdminName=''
jamfAdminPassword=''
staticGroupID=''

# List of serial numbers
serialNumbers=(  )

#########################################################################################
#
# FUNCTIONS
#
#########################################################################################

printHeader() {
    echo ""
    echo "••••••••••••••••••   Process Macs via serial number: $toolVersion  ••••••••••••••••••"
}

printFooter() {
     echo "••••••••••••••••••••••••••   Finished   ••••••••••••••••••••••••••••••"
}

moveStaticComputerGroup() {

  requestOutputFile='/dev/null'
  # or output to a file
  # requestOutputFile="/tmp/${1}.txt"

  policyData="<computer_group><computer_additions><computer><serial_number>$1</serial_number></computer></computer_additions></computer_group>"
  putOutput=$(/usr/bin/curl --write-out '%{http_code}' --output "$requestOutputFile" --silent "$jamfServerAddress/computergroups/id/$staticGroupID" --user "$jamfAdminName:$jamfAdminPassword" --header "Content-Type: text/xml" --request PUT --data-raw "$policyData")
  if [ $putOutput -eq 201 ]; then
    echo "SUCCESS"
  else
    echo "FAIL: ($putOutput)"
    # 409 Error: Unable to match computer
  fi
}

deleteComputer() {

  requestOutputFile='/dev/null'
  # or output to a file
  # requestOutputFile="/tmp/${1}.txt"

  putOutput=$(/usr/bin/curl --write-out '%{http_code}' --output "$requestOutputFile" --silent "$jamfServerAddress/computers/serialnumber/$1" --user "$jamfAdminName:$jamfAdminPassword" --header "Content-Type: text/xml" --request DELETE)
  if [ $putOutput -eq 200 ]; then
    echo "SUCCESS"
  else
    echo "FAIL: ($putOutput)"
    # 404 is not found...
  fi
}

checkCredentials() {
  echo "Checking credentials..."
  testCredentials=$(/usr/bin/curl --write-out %{http_code} --retry 3 --silent --output /dev/null --user "${1}:${2}" "$jamfServerAddress/accounts")
  echo "Account status: $testCredentials"
  if [[ "$testCredentials" -eq 200 ]]; then
    echo "Credentials: Valid"
  else
    echo "ERROR: Wrong user name or password in Jamf. ($testCredentials)"
    printFooter
    exit 1
  fi
}


#########################################################################################
#
# SCRIPT
#
#########################################################################################

printHeader

checkCredentials "$jamfAdminName" "$jamfAdminPassword"

for thisSerial in "${serialNumbers[@]}"
do
  echo "Processing Mac serial number: $thisSerial"

  ## move to the static computer group
  moveStaticComputerGroup "$thisSerial"

  ## or can delete straight away
  # deleteComputer "$thisSerial"

done

printFooter

exit 0

I hope this can help you.
Regards.