- Jamf Nation Community
- Products
- Jamf Pro
- script help - binding to ad based on multiple chec...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
script help - binding to ad based on multiple checks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-18-2020 09:51 AM
We need to bind our machines to specific OUs based on location and whether it's a laptop or desktop. I wrote (read: adapted from other scripts) this script up, but my scripting skills are pretty bad, would someone take a look at it and see if my logic/syntax is correct?
basically it looks if the device is a laptop and if so looks at the host name to determine location, then binds to location a or location b. if not a MacBook then bind to location c or d, via jamf policy triggers.
Is there a cleaner or better way to do this?
#!/bin/sh
LOGPATH='/private/var/log'
LOGFILE=/private/var/log/bind-$(date +%Y%m%d-%H%M).logging
osVersion=`sw_vers -productVersion | cut -d. -f1,2`
modelName=`system_profiler SPHardwareDataType | awk -F': ' '/Model Name/{print $NF}'`
shortModel=`system_profiler SPHardwareDataType | grep 'Model Name:' | awk '{ print $3 }'`
location=`hostname | cut -b 5-6`
## Setup logging
# mkdir $LOGPATH
set -xv; exec 1> $LOGPATH/postimagelogbind.txt 2>&1
##########################################
# Bind to AD
##########################################
#/bin/echo "Binding to AD"
#/bin/date
# Detects if this Mac is a laptop or not by checking the model ID for the word "Book" in the name.
IS_LAPTOP=`/usr/sbin/system_profiler SPHardwareDataType | grep "Model Identifier" | grep "Book"`
if [[ $shortModel == "MacBook" ]]; then
if [[$location == SA]]; then
jamf policy -trigger LocationLTBind
exit 0
elif [[$location == SB]]; then
jamf policy -trigger LocationLTBind
exit 0
fi
if [[ $shortModel != "MacBook" ]]; then
if [[$location == SA]]; then
jamf policy -trigger LocationDTBind
exit 0
elif [[$location == SB]]; then
jamf policy -trigger LocationDTBind
exit 0
fi
else
exit 0
fi
#/bin/echo "Done binding to AD"
#/bin/date
Labels:
- Labels:
-
Scripts
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-18-2020 11:28 AM
One recommendation I have for you is to not use system_profiler three times in the script as you have right now. Although the script should generally work fine, calling system_profiler tends to be a little slow, and calling it 3 times will be slower still.
All the data you're looking for can be had with an ioreg call instead. Consider this as an edit near the top of the script.
Data=$(ioreg -rd1 -c IOPlatformExpertDevice)
modelName=$(awk -F'"' '/model/{print $4}' <<< "$Data")There should be no need to extract "short model name" here as you can use something like this to see if "MacBook" is part of the model identifier string.
if [[ $modelName =~ "MacBook" ]]; thenI would also change this line:
if [[ $shortModel != "MacBook" ]]; thento just an else since really you only need to check if "MacBook" is part of the identifier string, which you are doing in the first if/then section. If it's not, then just move on to use one of the other 2 binding policy triggers.
A few other things I see. This line in your script doesn't seem to be used anywhere, so I'd consider removing it, since it's just wasting cycles:
IS_LAPTOP=`/usr/sbin/system_profiler SPHardwareDataType | grep "Model Identifier" | grep "Book"`Lastly, I don't know if the lines that look like if [[$location == SA]]; then are going to work correctly. Usually you need some space around the double brackets in the test, like this if [[ $location == SA ]]; then
So, rewriting this using the things I mention above, it would look something like this.
#!/bin/sh
LOGPATH='/private/var/log'
LOGFILE=/private/var/log/bind-$(date +%Y%m%d-%H%M).logging
osVersion=`sw_vers -productVersion | cut -d. -f1,2`
Data=$(ioreg -rd1 -c IOPlatformExpertDevice)
modelName=$(awk -F" '/model/{print $4}' <<< "$Data")
location=`hostname | cut -b 5-6`
## Setup logging
# mkdir $LOGPATH
set -xv; exec 1> $LOGPATH/postimagelogbind.txt 2>&1
##########################################
# Bind to AD
##########################################
#/bin/echo "Binding to AD"
#/bin/date
# Detects if this Mac is a laptop or not by checking the model ID for the word "Book" in the name.
if [[ $modelName =~ "MacBook" ]]; then
if [[ $location == SA ]]; then
echo "jamf policy -trigger LocationLTBind"
exit 0
elif [[ $location == SB ]]; then
echo "jamf policy -trigger LocationLTBind"
exit 0
fi
else
if [[ $location == SA ]]; then
echo "jamf policy -trigger LocationDTBind"
exit 0
elif [[ $location == SB ]]; then
echo "jamf policy -trigger LocationDTBind"
exit 0
fi
fi
#/bin/echo "Done binding to AD"
#/bin/dateOptions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-19-2020 11:42 AM
@mm2270 awesome thank you so much!! I will give it a whirl!
