- Jamf Nation Community
- Products
- Jamf Pro
- Re: Rename Policy
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Rename Policy
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2016 06:55 AM
Hi,
We have a policy that is set up to rename the computer if it is not already named using the school's naming convention and is in the school's smart group. The trigger is at check-in. The setting, " Force computers to submit updated inventory information to the JSS" has been enabled. It worked initially but has not been applying to the client for some time now. I have tried forcing the policy through the terminal and reimaging. I have tried to troubleshoot the issue but have not been able to see if the issue is with the policy, script, or the device.
The script is posted below. Does anyone have any suggestions?
!/bin/sh
ensure this is run as root
if
[ whoami != root ]
then
echo Please run this script as root or using sudo
exit
fi
check of computer is already bound to domain
domain="k12.us" current=$( dsconfigad -show | awk '/Active Directory Domain/{print $NF}' )
if [[ "${domain}" == "${current}" ]]; then
echo Computer already bound to AD
exit
fi
Set a variable with the last 7 digits of SN
L7SN=/usr/sbin/system_profiler SPHardwareDataType | awk '/Serial/ { print $NF }' | tail -c 9
Is this a portable? 0 = no, 1 = yes
BOOK=/usr/sbin/system_profiler SPHardwareDataType | awk '/Model Name/' | grep Book | wc -l
Set system name variable based on the above two variables
if [ $BOOK == 1 ]
then
NAME=7366STL$L7SN
else
NAME=7366STD$L7SN
fi
Set Computer name based on Variable
/usr/sbin/scutil --set ComputerName $NAME
/usr/sbin/scutil --set HostName $NAME
/usr/sbin/scutil --set LocalHostName $NAME
Labels:
- Labels:
-
Settings and Security Management
7 REPLIES 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2016 07:13 AM
Does your policy log provide any error details?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2016 07:26 AM
Couple of things. First, if you could please edit your post to include the script tags around your script so it formats correctly, that would help some. Highlight the whole script, then click the button in the post edit toolbar that look like >_
Second, check your policy settings to ensure its not set to run Once per computer as the frequency. With that setting, even if a Mac falls into a Smart Group for example, the policy won't run again if it already ran once. Make sure its set to Ongoing frequency if you want it to continuously fix the naming convention as machines land into the group.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2016 12:07 PM
@easyedc I checked my policy logs and there are no errors listed for the rename policy.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2016 12:28 PM
@mm2270 I have copied the script below. I verified the execution frequency is set to ongoing.
#!/bin/sh
# ensure this is run as root
if
[ `whoami` != root ]
then
echo Please run this script as root or using sudo
exit
fi
# check of computer is already bound to domain
domain=".k12"
current=$( dsconfigad -show | awk '/Active Directory Domain/{print $NF}' )
if [[ "${domain}" == "${current}" ]]; then
echo Computer already bound to AD
exit
fi
# Set a variable with the last 7 digits of SN
L7SN=`/usr/sbin/system_profiler SPHardwareDataType | awk '/Serial/ { print $NF }' | tail -c 9`
# Is this a portable? 0 = no, 1 = yes
BOOK=`/usr/sbin/system_profiler SPHardwareDataType | awk '/Model Name/' | grep Book | wc -l`
# Set system name variable based on the above two variables
if [ $BOOK == 1 ]
then
NAME=7366STL$L7SN
else
NAME=7366STD$L7SN
fi
# Set Computer name based on Variable
/usr/sbin/scutil --set ComputerName $NAME
/usr/sbin/scutil --set HostName $NAME
/usr/sbin/scutil --set LocalHostName $NAMEOptions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2016 12:52 PM
So what happens if you just run this script locally without JAMF involved? When get it (running on a VM) I get a clean output.
Last login: Tue Nov 22 15:38:26 on console
Administrators-Mac:~ admin$ sudo -i
WARNING: Improper use of the sudo command could lead to data loss
or the deletion of important system files. Please double-check your
typing when using sudo. Type "man sudo" for more information.
To proceed, enter your password, or type Ctrl-C to abort.
Password:
Administrators-Mac:~ root# sh -x /Users/admin/Desktop/name.sh
++ whoami
+ '[' root '!=' root ']'
++ /usr/sbin/system_profiler SPHardwareDataType
++ awk '/Serial/ { print $NF }'
++ tail -c 9
+ L7SN=JxfkpsAF
++ /usr/sbin/system_profiler SPHardwareDataType
++ awk '/Model Name/'
++ grep Book
++ wc -l
+ BOOK=' 0'
+ '[' 0 == 1 ']'
+ NAME=7366STDJxfkpsAF
+ /usr/sbin/scutil --set ComputerName 7366STDJxfkpsAF
+ /usr/sbin/scutil --set HostName 7366STDJxfkpsAF
+ /usr/sbin/scutil --set LocalHostName 7366STDJxfkpsAF
Administrators-Mac:~ root# hostname
7366STDJxfkpsAF
Administrators-Mac:~ root# exit
logout
Administrators-Mac:~ admin$ sudo sh -x /Users/admin/Desktop/name.sh
++ whoami
+ '[' root '!=' root ']'
++ /usr/sbin/system_profiler SPHardwareDataType
++ awk '/Serial/ { print $NF }'
++ tail -c 9
+ L7SN=JxfkpsAF
++ /usr/sbin/system_profiler SPHardwareDataType
++ awk '/Model Name/'
++ grep Book
++ wc -l
+ BOOK=' 0'
+ '[' 0 == 1 ']'
+ NAME=7366STDJxfkpsAF
+ /usr/sbin/scutil --set ComputerName 7366STDJxfkpsAF
+ /usr/sbin/scutil --set HostName 7366STDJxfkpsAF
+ /usr/sbin/scutil --set LocalHostName 7366STDJxfkpsAF
Administrators-Mac:~ admin$ sudo sh -x /Users/admin/Desktop/name.sh
++ whoami
+ '[' root '!=' root ']'
+ domain=.k12
++ dsconfigad -show
++ awk '/Active Directory Domain/{print $NF}'
+ current=
+ [[ .k12 == '' ]]
++ /usr/sbin/system_profiler SPHardwareDataType
++ awk '/Serial/ { print $NF }'
++ tail -c 9
+ L7SN=JxfkpsAF
++ /usr/sbin/system_profiler SPHardwareDataType
++ awk '/Model Name/'
++ grep Book
++ wc -l
+ BOOK=' 0'
+ '[' 0 == 1 ']'
+ NAME=7366STDJxfkpsAF
+ /usr/sbin/scutil --set ComputerName 7366STDJxfkpsAF
+ /usr/sbin/scutil --set HostName 7366STDJxfkpsAF
+ /usr/sbin/scutil --set LocalHostName 7366STDJxfkpsAF
Administrators-Mac:~ admin$I ran it with and without your AD check. both worked.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-22-2016 02:24 PM
My two cents:
a useful resource with scripts is to copy/paste them into [http://www.shellcheck.net](link URL) to find bugs in your shell scripts. For example, your shell script will probably do better has a bash (#!/bin/bash) as opposed to a sh script (#!/bin/sh), though I doubt that this is the cause of your issue.
another useful troubleshooting resource is to--rather than run the policy through the JSS---run the policy through the Terminal, using a command like:
sudo jamf policy -event <event> -verbosewhere <event> is the custom trigger associated with the policy in the JSS.
The output should provide more information why the policy is not working. If the output does not explain things, then copy/paste it for us and we will help.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-30-2016 10:26 AM
Thank you. I will look into these suggestions.
