Jamf Nation Community

alexjdale · ‎08-07-2012

I see a major issue with Static groups for some use cases. When we re-image a system in order to re-issue it to another user, the system will rejoin the JSS under the same JSS ID, and it will still be in all of the same static groups it was in before.

We plan to use static groups to deploy software to systems, and with this behavior, a user with a reissued system will have all the same policies applied. That will lead to unwanted software installs.

Any thoughts on how to address this? Is it possible to purge a record from the JSS via script, before installing the QuickAdd package? Or some other way to clear it from all static groups?

mm2270 · ‎08-07-2012

This happens because the JSS is using the MAC address to identify your Macs, and, regardless of re-imaging, renaming the system or whatever, it sees that it is the same physical Mac. The JSS uses a JSS ID (which it matches up to the MAC address) to know which Macs belong in a static group.
I don't know that its a flaw. It was designed to work that way. You might want to look at another method of gathering your Macs together. One way would be by dropping a small invisible file at the root of the system with a name you can pick up in an Extension Attribute and pull them into a Smart Group, just as an example. There are probably a dozen other possible ways to do it.

alexjdale · ‎08-07-2012

Yeah, not sure how to handle this via policy without doing manual cleanup. I wish I could remove a system from a static group after a policy executes.

The idea of dropping a file on it ties back in to the original problem, that has to be done manually or via policy, which would repeat the cycle. I wish I could think of a dozen ways to do this. :-)

I'll have to look into the JAMF binary and see if I can find a way to clear a system out of the JSS, or use the API if I have to.

Jamf Nation Community

Re-imaged systems still in static groups