Rename Computer Script

DanVT
New Contributor III

Hi All,

This one has come up before in the forums, but I am trying to determine why my script has stopped working in my test environment but still is working fine in production.  It's the same script and I made sure to change the script to reflect the API user in test.  We have a field in our preload called AssetTag which the script should be reading and then renaming the device to based on serial.  This script is failing with the following error:  Asset Tag is being set in the preload and is being seen by JAMF on the record but is not completing the change. 

Script exit code: 1
Script result: Asset Tag is empty. Exiting...
Error running script: return code was 1.

 

 

/bin/bash

#set the variables for the server and API account

jssUser=APIUSER
jssPass=PASSWORD
jssHost=https://jamfcloudinfohere.jamfcloud.com

#get the serial number

serialNumber="$(ioreg -l | grep IOPlatformSerialNumber | sed -e 's/.*\"\(.*\)\"/\1/')"

#get the asset tag from jamf

assetTag=$(/usr/bin/curl -H "Accept: text/xml" -sfku "${jssUser}:${jssPass}" "${jssHost}/JSSResource/computers/serialnumber/${serialNumber}/subset/general" | xmllint --format - 2>/dev/null | awk -F'>|<' '/<asset_tag>/{print $3}')

# set computer name 

if [ "$assetTag" == "" ]; then
 echo "Asset Tag is empty. Exiting..."
 exit 1
else 
 /usr/sbin/scutil --set HostName "$assetTag"
 /usr/sbin/scutil --set LocalHostName "$assetTag"
 /usr/sbin/scutil --set ComputerName "$assetTag" 
fi

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server NetBIOSName "$assetTag"

/usr/local/jamf/bin/jamf recon

 

Thanks for any suggestions!

 

 

1 ACCEPTED SOLUTION

sdagley
Esteemed Contributor II

@DanVT Has your test environment been upgraded or rebuilt lately? Your script is using Basic Auth and that's now deprecated and disabled by default for new installs. For now you can change the Password Policy (under Settings->User accounts and groups) to allow Basic Auth, but that option is due for removal from Jamf Pro sometime in Q1 2024 so you need to change to Bearer Token auth (see https://community.jamf.com/t5/tech-thoughts/how-to-convert-classic-api-scripts-to-use-bearer-token/b...) or Client Credentials access to the Jamf Pro API (see https://developer.jamf.com/jamf-pro/docs/client-credentials) before then.

View solution in original post

7 REPLIES 7

sdagley
Esteemed Contributor II

@DanVT Has your test environment been upgraded or rebuilt lately? Your script is using Basic Auth and that's now deprecated and disabled by default for new installs. For now you can change the Password Policy (under Settings->User accounts and groups) to allow Basic Auth, but that option is due for removal from Jamf Pro sometime in Q1 2024 so you need to change to Bearer Token auth (see https://community.jamf.com/t5/tech-thoughts/how-to-convert-classic-api-scripts-to-use-bearer-token/b...) or Client Credentials access to the Jamf Pro API (see https://developer.jamf.com/jamf-pro/docs/client-credentials) before then.

DanVT
New Contributor III

Thank you!  I remember reading about this, but this article really breaks it down nicely.  I will make some changes and test.  Our test environment was recently spun up, so that makes sense.  

DanVT
New Contributor III

Getting there.  When it tries to reach out to get the token, its telling my path is incorrect.  This line seems to be the issue: 

 

# request auth token
authToken=$( /usr/bin/curl \
--request POST \
--silent \
--url "https://our_host.jamfcloud.com/api/v1/auth/token" \
--header "Authorization: Bearer $token" )

 

 

#!/bin/bash

#set the variables for the server and API account

jssUser=renameapi
jssPass=password
jssHost=https://our_host.jamfcloud.com

# request auth token
authToken=$( /usr/bin/curl \
--request POST \
--silent \
--url "https://our_host.jamfcloud.com/api/v1/auth/token" \
--header "Authorization: Bearer $token" )

echo "$authToken"

# parse auth token
token=$( /usr/bin/plutil \
-extract token raw - <<< "$authToken" )

tokenExpiration=$( /usr/bin/plutil \
-extract expires raw - <<< "$authToken" )

localTokenExpirationEpoch=$( TZ=GMT /bin/date -j \
-f "%Y-%m-%dT%T" "$tokenExpiration" \
+"%s" 2> /dev/null )

echo Token: "$token"
echo Expiration: "$tokenExpiration"
echo Expiration epoch: "$localTokenExpirationEpoch"

#get the serial number

serialNumber="$(ioreg -l | grep IOPlatformSerialNumber | sed -e 's/.*\"\(.*\)\"/\1/')"

#get the asset tag from jamf

assetTag=$(/usr/bin/curl -H "Accept: text/xml" -sfku "${jssUser}:${jssPass}" "${jssHost}/JSSResource/computers/serialnumber/${serialNumber}/subset/general" | xmllint --format - 2>/dev/null | awk -F'>|<' '/<asset_tag>/{print $3}')

# set computer name

if [ "$assetTag" == "" ]; then
 echo "Asset Tag is empty. Exiting..."
 exit 1
else 
 /usr/sbin/scutil --set HostName "$assetTag"
 /usr/sbin/scutil --set LocalHostName "$assetTag"
 /usr/sbin/scutil --set ComputerName "$assetTag"
fi

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server NetBIOSName "$assetTag"

/usr/local/jamf/bin/jamf recon

 

DanVT
New Contributor III

I think I have my script working with the token bearer, but it still is failing from what seems to be the asset tag line.  Any help is much appreciated!

 

DanVT_0-1701896382738.png

 

#!/bin/bash

#API USER
user="username"
#API PASSWORD
pass="password"
# URL (https://yourjamfserver.jamfcloud.com)
jurl=""

#Start of getting Bearer Token
classicCredentials=$(printf "${user}:${pass}" | /usr/bin/iconv -t ISO-8859-1 | /usr/bin/base64 -i - )

# generate an auth token
authToken=$( /usr/bin/curl "${jurl}/uapi/auth/tokens" \
--silent \
--request POST \
--header "Authorization: Basic ${classicCredentials}" )

#bearertoken
token=$( /usr/bin/awk -F \" '{ print $4 }' <<< "$authToken" | /usr/bin/xargs )

#get the serial number

serialNumber="$(ioreg -l | grep IOPlatformSerialNumber | sed -e 's/.*\"\(.*\)\"/\1/')"

#get the asset tag from jamf

assetTag=$(/usr/bin/curl -H "Accept: text/xml" -sfku "${jssUser}:${jssPass}" "${jssHost}/JSSResource/computers/serialnumber/${serialNumber}/subset/general" | xmllint --format - 2>/dev/null | awk -F'>|<' '/<asset_tag>/{print $3}')

# set computer name 

if [ "$assetTag" == "" ]; then
 echo "Asset Tag is empty. Exiting..."
 exit 1
else 
 /usr/sbin/scutil --set HostName "$assetTag"
 /usr/sbin/scutil --set LocalHostName "$assetTag"
 /usr/sbin/scutil --set ComputerName "$assetTag" 
fi

sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server NetBIOSName "$assetTag"

/usr/local/jamf/bin/jamf recon

 

DanVT
New Contributor III

I did check our preload inventory and the asset tag line IS filled out correctly. 

did you ever figure this out?

red_beard
New Contributor III

Also curious about this as my previous script stopped working. I've tried making the switch to using Bearer Tokens but haven't gotten this revised script to run successfully yet.