- Jamf Nation Community
- Products
- Jamf Pro
- Re: Renaming, unbinding and re-binding clients
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-01-2014 07:44 AM
Hey guys!
We just recently started using Casper Suite in our organization and I've run into an issue.
Basically, we have a bunch of computers that have different LocalHost names compared to their Active Directory names. Usually, their LocalHost name is correct (meaning it shows up correctly in JSS) but the one in Active Directory is not. What is the best way of finding the wrongly named clients, rename them, unbind them and then re-bind them again?
I thought I'd do the following:
1. Grep the bound name of all clients
2. Filter out the correctly bound names
3. Create a group with the erroneous names
4. Associate them with unbindAD.sh, rename the computer using a script and then let JSS bind them again
I wrote a script that greps the computer name as shown in Active Directory:
#!/bin/sh
ADNAME=`dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev`
echo "$ADNAME"
exit 0The script works fine, I tested it on my own (correctly named) computer and the results are shown as below:
My questions is, how can I get the Script result easily? Is there a way to view the results without having to manually open the policy, click Logs and then individually click Show under each client? Can the JSS automatically email me the results? Or is there an alternative way to accomplish what I'm after?
Thanks!
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-01-2014 07:49 AM
Put that script into Extension Attribute format by enclosing the result in <result> tags, like:
echo "<result>$ADNAME</result>"Whenever the Macs collect inventory the information will show up in the Mac's inventory details.
Stepping back a moment though, why is it particularly important that the AD name and local hostname match up? It doesn't actually matter if they don't match in my experience. Is it just because your AD folks want to make sure they are the same? Or is there some other reason?
BTW, meant to say also that you can shorten that line significantly with the following:
dsconfigad -show | awk '/Computer Account/{print $NF}'No need for the rev's and cut's, etc.
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-01-2014 07:49 AM
Put that script into Extension Attribute format by enclosing the result in <result> tags, like:
echo "<result>$ADNAME</result>"Whenever the Macs collect inventory the information will show up in the Mac's inventory details.
Stepping back a moment though, why is it particularly important that the AD name and local hostname match up? It doesn't actually matter if they don't match in my experience. Is it just because your AD folks want to make sure they are the same? Or is there some other reason?
BTW, meant to say also that you can shorten that line significantly with the following:
dsconfigad -show | awk '/Computer Account/{print $NF}'No need for the rev's and cut's, etc.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-01-2014 07:56 AM
Sort of off topic, I apologize, but does anyone know which name is used for DNS registration of the system's hostname? I've thought about doing a similar "name correction script" to make the local name match the AD name, but I am not sure what is impacted. A computer can have 4 names, basically:
-Active Directory bind name (I assume it would be this one)
-ComputerName
-HostName
-LocalHostName
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-01-2014 08:07 AM
Thank you for a quick answer mm2270! And yes, it's for consistency in Active Directory :)
Since I'm very new to Casper Suite, I'm not really familiar with Extension Attributes. I tried copy/pasting the script into a new Extension Attribute, changing the line echo "$ADNAME" to echo "<result>$ADNAME</result>" and showing it under Inventory Display but nothing really shows up (it's just blank). Data Type is set to String and the Input Type is Script.
Not sure if I missed anything or if I misunderstood what I was supposed to do.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-01-2014 08:15 AM
Extension Attributes only get populated once a Mac or Macs submit inventory. Also, I assume you copy/pasted the script into the actual script window contents, correct? I only ask because I've made the bonehead mistake at times of putting my script into the Description section of the Extension Attribute since that's the first field that appears when you create a new one. :)
Anyway, assuming you have everything set correctly, take a Mac and force it to submit new inventory. sudo jamf recon in Terminal for example on it, then go back in to the JSS and pull up the computer record and look again.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-01-2014 11:20 PM
mm2270 it worked! Seems I was a little too eager before, not patient enough. The Macs are popping up now, showing their AD name :) Thanks a lot!
