Help

rename a computer that is bound to AD

Go to solution
osxadmin
Contributor II

Posted on ‎02-10-2017 08:54 AM

I know there are different related post about this question, still can't find the answer I'm looking for.

-our macs are bound to AD
-sometimes we forget to rename the mac with proper name, we would like to update that remotely to our JSS and to our AD.

how can I do that? I would like to do that either way our-self or have the users do that them-self through self service.

thank you in advance for your help.

0 Kudos
Reply
2 ACCEPTED SOLUTIONS

Go to solution
stevewood
Honored Contributor II
Honored Contributor II

Posted on ‎02-10-2017 09:26 AM

@osxadmin I do that all by hand since I only have to do it occasionally. Here's something I whipped up really quick though. This is NOT tested so you'll need to test.

#!/bin/bash

# Purpose: Casper Self Service script to rename an AD bound Mac
# Author: Steve Wood (steve.wood@omnicomgroup.com)
# Date: 10 Feb 2017
# Version: 1.0

# variables
LOGPATH='<yourloggingpath>'
if [[ ! -d "$LOGPATH" ]]; then
    mkdir $LOGPATH
fi
set -xv; exec 1> $LOGPATH/renamelog.txt 2>&1
version=1.0

CD="<yourpathto>/cocoaDialog.app/Contents/MacOS/cocoaDialog"

# grab the new computer name using cocoaDialog
newName=`$CD standard-inputbox --informative-text "Please enter the new computer name:" --float`
newName=`echo $newName| awk '{ print $2 }'`

# unbind
dsconfigad -remove -user '$4' -force -password '$5'

# rename
jamf setComputerName -name ${newName}

# bind
### You can use the jamf binary to do this as below:
### jamf bind -type ad -domain <domain> -username '$4' -password '$5' -ou <Computer OU>
### or setup a policy with either a custom trigger or no trigger and use the ID which is what how I do it
jamf policy -id <pollicyid>

# recon
jamf recon

exit 0

You'll want to add that to your JSS and then add to a Policy that is Self Service triggered. In the 4 parameter box put the user name with bind rights in AD, and in 5 the password.

You'll also need cocoaDialog on that machine. Or, you can re-write the section about getting the new name using AppleScript instead, or if you want to hardcode the computer name, pass that as a variable as well.

View solution in original post

0 Kudos
Reply

Go to solution
luke_reagor
Contributor II

Posted on ‎02-10-2017 12:05 PM

Here's an Applescript version that does all 3 names. It also writes out to the terminal.

#!/bin/bash
clear

# FYI, the END) and END has to be the first thing on the line, no tabs or spaces before it.

# if not running from the jss, make this sudo=sudo, otherwise leave it sudo=
sudo=sudo


oldCompNames="ComputerName: $(scutil --get ComputerName)
"
oldCompNames=$oldCompNames"HostName: $(scutil --get HostName)
"
oldCompNames=$oldCompNames"LocalHostName: $(scutil --get LocalHostName)"

for (( ; ; )) #only using loop to exit early on invalid entries.
do

    #APPLESCRIPT TEXT
    dialogText="Enter the new Computer Name.
Old ones were...
$oldCompNames
"
    printf "$dialogText"
    #APPLESCRIPT PROMPT
    newCompName=$(/usr/bin/osascript<<END
    tell application "System Events"
        activate
        set the answer to text returned of (display dialog "$dialogText" default answer "" buttons {"Continue"})
    end tell
END)

    if [ ! "$newCompName" ]; then
        #APPLESCRIPT TEXT
        dialogText="!!! The new Computer Name is required. Try Again. !!!
"
        printf "$dialogText"
        #APPLESCRIPT PROMPT
        /usr/bin/osascript<<END
        tell application "System Events"
            activate
            display dialog "$dialogText" buttons {"Continue"}
        end tell
END
    else

        #do the work if passed all the error checks

        #APPLESCRIPT TEXT
        dialogText="Thank you. Click continue and wait while I perform the actions...

"
        printf "$dialogText"
        #APPLESCRIPT PROMPT
        /usr/bin/osascript<<END
        tell application "System Events"
            activate
            display dialog "$dialogText" buttons {"Continue"}
        end tell
END

        #rename mac
        printf "Setting mac name to $newCompName...
"
        newCompName="$(echo $newCompName | tr '[a-z]' '[A-Z]')" #making uppercase
        $sudo scutil --set ComputerName "$newCompName"
        $sudo scutil --set HostName "$newCompName"
        $sudo scutil --set LocalHostName "$newCompName"
        printf "
"

        #unbind/rebind AD
        printf "Unbinding/Rebinding mac to AD...
"
        $sudo jamf policy -id 143 # our policy that unbinds and rebinds to AD

# THIS IS THE UNBIND PART OF POLICY 143. THE BIND IS DIRECTLY IN THE POLICY ###########
#       #sees if already on domain. prevents error if already off domain.
#       isDomain=$(/usr/sbin/dsconfigad -show | grep '= domain'| awk '{print $4}')
#       if [ "$isDomain" == "domain" ]; then
#           echo "On domain."
#           echo "Unbinding the computer from Active Directory..."
#           dsconfigad -remove -force -username "$username" -password "$password"
#       else
#           echo "Not on domain."
#       fi
###########################################################################################


        #updating jamf
        printf "Updating JAMF...
"
        $sudo jamf recon

        printf "
"
        break #get out of the loop
    fi

done

#APPLESCRIPT TEXT
dialogText="Finished. Goodbye.
"
printf "$dialogText"
#APPLESCRIPT PROMPT
/usr/bin/osascript<<END
tell application "System Events"
    activate
    display dialog "$dialogText" buttons {"Continue"}
end tell
END

View solution in original post

0 Kudos
Reply
6 REPLIES 6

Go to solution
stevewood
Honored Contributor II
Honored Contributor II

Posted on ‎02-10-2017 09:04 AM

@osxadmin I'm not 100% certain what the consequences are to AD if you just rename the computer with unbinding first. So what I do is:

  1. Unbind the Mac
  2. Rename the Mac
  3. Bind the Mac again
  4. Recon the Mac

You can accomplish this via Self Service if you wanted. You could use a script to do it all, using AppleScript or CocoaDialog to grab what the new name would be from the user. By using a script you can pass the AD credentials needed to unbind via parameters.

0 Kudos
Reply

Go to solution
osxadmin
Contributor II

Posted on ‎02-10-2017 09:08 AM

@stevewood got it thank you, would you mind sharing your scripts for that process?

0 Kudos
Reply

Go to solution
stevewood
Honored Contributor II
Honored Contributor II

Posted on ‎02-10-2017 09:26 AM

@osxadmin I do that all by hand since I only have to do it occasionally. Here's something I whipped up really quick though. This is NOT tested so you'll need to test.

#!/bin/bash

# Purpose: Casper Self Service script to rename an AD bound Mac
# Author: Steve Wood (steve.wood@omnicomgroup.com)
# Date: 10 Feb 2017
# Version: 1.0

# variables
LOGPATH='<yourloggingpath>'
if [[ ! -d "$LOGPATH" ]]; then
    mkdir $LOGPATH
fi
set -xv; exec 1> $LOGPATH/renamelog.txt 2>&1
version=1.0

CD="<yourpathto>/cocoaDialog.app/Contents/MacOS/cocoaDialog"

# grab the new computer name using cocoaDialog
newName=`$CD standard-inputbox --informative-text "Please enter the new computer name:" --float`
newName=`echo $newName| awk '{ print $2 }'`

# unbind
dsconfigad -remove -user '$4' -force -password '$5'

# rename
jamf setComputerName -name ${newName}

# bind
### You can use the jamf binary to do this as below:
### jamf bind -type ad -domain <domain> -username '$4' -password '$5' -ou <Computer OU>
### or setup a policy with either a custom trigger or no trigger and use the ID which is what how I do it
jamf policy -id <pollicyid>

# recon
jamf recon

exit 0

You'll want to add that to your JSS and then add to a Policy that is Self Service triggered. In the 4 parameter box put the user name with bind rights in AD, and in 5 the password.

You'll also need cocoaDialog on that machine. Or, you can re-write the section about getting the new name using AppleScript instead, or if you want to hardcode the computer name, pass that as a variable as well.

0 Kudos
Reply

Go to solution
osxadmin
Contributor II

Posted on ‎02-10-2017 09:32 AM

@stevewood thank you for your help, I really appreciated!

0 Kudos
Reply

Go to solution
luke_reagor
Contributor II

Posted on ‎02-10-2017 12:05 PM

Here's an Applescript version that does all 3 names. It also writes out to the terminal.

#!/bin/bash
clear

# FYI, the END) and END has to be the first thing on the line, no tabs or spaces before it.

# if not running from the jss, make this sudo=sudo, otherwise leave it sudo=
sudo=sudo


oldCompNames="ComputerName: $(scutil --get ComputerName)
"
oldCompNames=$oldCompNames"HostName: $(scutil --get HostName)
"
oldCompNames=$oldCompNames"LocalHostName: $(scutil --get LocalHostName)"

for (( ; ; )) #only using loop to exit early on invalid entries.
do

    #APPLESCRIPT TEXT
    dialogText="Enter the new Computer Name.
Old ones were...
$oldCompNames
"
    printf "$dialogText"
    #APPLESCRIPT PROMPT
    newCompName=$(/usr/bin/osascript<<END
    tell application "System Events"
        activate
        set the answer to text returned of (display dialog "$dialogText" default answer "" buttons {"Continue"})
    end tell
END)

    if [ ! "$newCompName" ]; then
        #APPLESCRIPT TEXT
        dialogText="!!! The new Computer Name is required. Try Again. !!!
"
        printf "$dialogText"
        #APPLESCRIPT PROMPT
        /usr/bin/osascript<<END
        tell application "System Events"
            activate
            display dialog "$dialogText" buttons {"Continue"}
        end tell
END
    else

        #do the work if passed all the error checks

        #APPLESCRIPT TEXT
        dialogText="Thank you. Click continue and wait while I perform the actions...

"
        printf "$dialogText"
        #APPLESCRIPT PROMPT
        /usr/bin/osascript<<END
        tell application "System Events"
            activate
            display dialog "$dialogText" buttons {"Continue"}
        end tell
END

        #rename mac
        printf "Setting mac name to $newCompName...
"
        newCompName="$(echo $newCompName | tr '[a-z]' '[A-Z]')" #making uppercase
        $sudo scutil --set ComputerName "$newCompName"
        $sudo scutil --set HostName "$newCompName"
        $sudo scutil --set LocalHostName "$newCompName"
        printf "
"

        #unbind/rebind AD
        printf "Unbinding/Rebinding mac to AD...
"
        $sudo jamf policy -id 143 # our policy that unbinds and rebinds to AD

# THIS IS THE UNBIND PART OF POLICY 143. THE BIND IS DIRECTLY IN THE POLICY ###########
#       #sees if already on domain. prevents error if already off domain.
#       isDomain=$(/usr/sbin/dsconfigad -show | grep '= domain'| awk '{print $4}')
#       if [ "$isDomain" == "domain" ]; then
#           echo "On domain."
#           echo "Unbinding the computer from Active Directory..."
#           dsconfigad -remove -force -username "$username" -password "$password"
#       else
#           echo "Not on domain."
#       fi
###########################################################################################


        #updating jamf
        printf "Updating JAMF...
"
        $sudo jamf recon

        printf "
"
        break #get out of the loop
    fi

done

#APPLESCRIPT TEXT
dialogText="Finished. Goodbye.
"
printf "$dialogText"
#APPLESCRIPT PROMPT
/usr/bin/osascript<<END
tell application "System Events"
    activate
    display dialog "$dialogText" buttons {"Continue"}
end tell
END
0 Kudos
Reply

Go to solution
osxadmin
Contributor II

Posted on ‎02-10-2017 12:57 PM

@luke.reagor Thank you!

0 Kudos
Reply