Run a policy from another policy

New Contributor III

I feel like this is probably a basic idea, but I can't seem to get started. We have separate policies set up for each printer or copier that we have available for users to install. Each policy includes the driver package. I want to have the driver package installed through a separate policy so when we update that package, I don't have to manually change every printer policy. Is there a way to have users run a printer install policy from Self Service and have that policy then trigger the driver install policy to run?


Valued Contributor

@kbremner yes, you can create a new policy with a custom trigger and then have self service policy run a script that runs this by doing "jamf policy -trigger <custom trigger>". I do a method like this for installing different printers based on machine name.

Contributor III

That's pretty simple to do however one challenge may be the driver needs to be installed before the printer gets mapped.

The easiest way to do this would be to create a policy called "Print Drivers". Setup the packages for the drivers, use the custom trigger optionin the general tab and name is something like "printdriver", and set the frequency to the ongoing. Then scope it as you would like. Since the only way this will run is to run the custom trigger there is low risk in scoping it to all computers.

Then within the policies to map the printers select the File & Process item in the side bar, click configure, and in the execute command field put jamf policy -trigger printdriver.

I hope this was clear

-Shaun M.

New Contributor III

You'll want to use a custom event trigger for your driver policy:

You'll find this comes in handy for all sorts of policies!

Contributor III

As a suggestion, you can also then scope the driver policy to a smart group that is based on whether the driver is already installed. (You'll probably need to create a extension attribute to check for the driver.)

The advantage to this is that if you have multiple printers using the same driver package, it only installs once if the computer needs it. The computer then falls out of scope, and it'll just skip that job the next time around.

Contributor III

Below is the script we use. Same script for all our printers, just need to fill out the parameter values for $4 - $10 when adding to a policy.

It will see if there's a printer with the same IP already configured and delete if so.

Then checks locally if the driver is already installed. If not, it'll trigger the driver-only policy for whichever brand has been filled in for parameter 4. The line that does the triggering:

jamf policy -event "$Brand"Driver

So then the custom event trigger in the various driver policies (one per model/brand) are HPDriver, XeroxDriver, etc. We have a couple of Fiery boxes, so have that as a Y/N variable.

Then the script configures the printer using the rest of the parameter values.


PrinterName=$(echo "$FriendlyName" | tr " " -)

echo ""

if [[ "$Fiery" == "Y" || "$Fiery" == "y" || "$Fiery" == "yes" ]]; then
    echo "[CHECK] Fiery printer selected"

# Delete existing printers with same IP, if configured
echo "[CHECK] Checking for existing printer(s) with the same IP..."
if [[ $(lpstat -s | grep $PrinterIP) != "" ]]; then
    PrintersToDelete=$(lpstat -s | grep "$PrinterIP" | awk -F " " '{print substr($3, 1, length($3)-1)}')
    for PrinterToDelete in $PrintersToDelete; do
        echo "[DELETE] Deleting existing printer $PrinterToDelete..."
        /usr/sbin/lpadmin -x $PrinterToDelete   
    echo "[CHECK] None installed..."

# Install driver if not already installed
echo "[CHECK] Checking for driver..."
if [[ ! -f "$PPD" ]]; then
    echo "[INSTALL] Installing driver..."
    jamf policy -event "$Brand"Driver
    sleep 1
    echo "[CHECK] Driver already installed..."

# Install printer
echo "[INSTALL] Installing printer $PrinterName..."
/usr/sbin/lpadmin -p "$PrinterName" -D "$FriendlyName" -L "$Location" -E -o printer-is-shared=false -v "$Protocol://""$PrinterIP" -P "$PPD"

echo "[FINISH] Done."

This is what the script looks like in a policy: