Jamf Nation Community

donmontalvo · ‎07-26-2016

Calling script gurus... :)

#!/bin/sh
#
# Compare ComputerName to AD bind name, report MATCH or MISMATCH.

# Check AD name mismatch
COMPUTER_NAME="`scutil --get ComputerName`"

AD_NAME="`dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev`"

if [ $COMPUTER_NAME == $AD_NAME ]; then
    echo "<result>MATCH</result>"
else
    echo "<result>MISMATCH</result>"
fi

The script works great...except that it reports a MISMATCH if the tech bound using lower case vs upper case characters.

Is there a tweak to the above script that will stop reporting MISMATCH if AD bind name is in lower case, but ComputerName is in upper case (or vice versa)?

TIA,
Don

--
https://donmontalvo.com

Josh_Smith · ‎07-26-2016

This wil convert both to lowercase when setting the variable for easier comparison:

#!/bin/sh
#
# Compare ComputerName to AD bind name, report MATCH or MISMATCH.

# Check AD name mismatch
COMPUTER_NAME=$(scutil --get ComputerName | tr '[:upper:]' '[:lower:]')
AD_NAME=$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev | tr '[:upper:]' '[:lower:]')
if [ $COMPUTER_NAME == $AD_NAME ]; then
    echo "<result>MATCH</result>"
else
    echo "<result>MISMATCH</result>"
fi

*Edited to remove extra echoes i threw in to test it.

View solution in original post

mm2270 · ‎07-26-2016

Two ways you can do it.
One, turn off case in sensitive matching at the point in the script where you are comparing the strings. Then turn it back on.

#!/bin/sh
#
# Compare ComputerName to AD bind name, report MATCH or MISMATCH.

# Check AD name mismatch
COMPUTER_NAME=$(scutil --get ComputerName)

AD_NAME=$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev)

## This turns off case sensitive matching in the script
shopt -s nocasematch

if [ "$COMPUTER_NAME" == "$AD_NAME" ]; then
    echo "<result>MATCH</result>"
else
    echo "<result>MISMATCH</result>"
fi

## This turns case sensitive matching back on. Just good housekeeping! :)
shopt -u nocasematch

Or, you can simply force convert the strings captured for both the AD computer and local computer name to upper case so they will be the same.

#!/bin/sh
#
# Compare ComputerName to AD bind name, report MATCH or MISMATCH.

# Check AD name mismatch
COMPUTER_NAME=$(scutil --get ComputerName | awk '{print toupper}')

AD_NAME=$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev | awk '{print toupper}')

if [ "$COMPUTER_NAME" == "$AD_NAME" ]; then
    echo "<result>MATCH</result>"
else
    echo "<result>MISMATCH</result>"
fi

Edited: More efficient to convert them to upper (or lower) right in the variable declaration.

Edit 2: BTW, do yourself a favor and consider switching to the $() syntax over the backticks for variables. Its the more accepted method these days and is just easier to discern from things like single and double quotes. I edited the scripts above to use those here.

View solution in original post

Josh_Smith · ‎07-26-2016

This wil convert both to lowercase when setting the variable for easier comparison:

#!/bin/sh
#
# Compare ComputerName to AD bind name, report MATCH or MISMATCH.

# Check AD name mismatch
COMPUTER_NAME=$(scutil --get ComputerName | tr '[:upper:]' '[:lower:]')
AD_NAME=$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev | tr '[:upper:]' '[:lower:]')
if [ $COMPUTER_NAME == $AD_NAME ]; then
    echo "<result>MATCH</result>"
else
    echo "<result>MISMATCH</result>"
fi

*Edited to remove extra echoes i threw in to test it.

mm2270 · ‎07-26-2016

Two ways you can do it.
One, turn off case in sensitive matching at the point in the script where you are comparing the strings. Then turn it back on.

#!/bin/sh
#
# Compare ComputerName to AD bind name, report MATCH or MISMATCH.

# Check AD name mismatch
COMPUTER_NAME=$(scutil --get ComputerName)

AD_NAME=$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev)

## This turns off case sensitive matching in the script
shopt -s nocasematch

if [ "$COMPUTER_NAME" == "$AD_NAME" ]; then
    echo "<result>MATCH</result>"
else
    echo "<result>MISMATCH</result>"
fi

## This turns case sensitive matching back on. Just good housekeeping! :)
shopt -u nocasematch

Or, you can simply force convert the strings captured for both the AD computer and local computer name to upper case so they will be the same.

#!/bin/sh
#
# Compare ComputerName to AD bind name, report MATCH or MISMATCH.

# Check AD name mismatch
COMPUTER_NAME=$(scutil --get ComputerName | awk '{print toupper}')

AD_NAME=$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev | awk '{print toupper}')

if [ "$COMPUTER_NAME" == "$AD_NAME" ]; then
    echo "<result>MATCH</result>"
else
    echo "<result>MISMATCH</result>"
fi

Edited: More efficient to convert them to upper (or lower) right in the variable declaration.

Edit 2: BTW, do yourself a favor and consider switching to the $() syntax over the backticks for variables. Its the more accepted method these days and is just easier to discern from things like single and double quotes. I edited the scripts above to use those here.

donmontalvo · ‎07-27-2016

Awesome solutions! The team reviewed and we went with this one:

#!/bin/sh
#
# Compare ComputerName to AD bind name, report MATCH or MISMATCH.

# Check AD name mismatch
COMPUTER_NAME=$(scutil --get ComputerName)

AD_NAME=$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev)

## This turns off case sensitive matching in the script
shopt -s nocasematch

if [ "$COMPUTER_NAME" == "$AD_NAME" ]; then
    echo "<result>MATCH</result>"
else
    echo "<result>MISMATCH</result>"
fi

## This turns case sensitive matching back on. Just good housekeeping! :)
shopt -u nocasematch

I'm on the hook for more JNUC2016 beer. :D

--
https://donmontalvo.com

FastGM3 · ‎07-28-2016

Thanks Don for bringing this up as I was noticing the same case sensitive mismatch returns. Unfortunately I'm still getting mismatched names running the new scripts suggested herein.

When I run "dsconfigad -show" in terminal, I see why. For some reason I'm seeing a $ appended to the end of my names in AD. ex. Computer Account = aac87a303a917$ but when joined to AD the name was Aac87a303a917. When I manually look at the names in AD, there is no $ appended to the name, and the same holds true with a manual check in Directory Utilities.

Anyone got Ideas as to why? Even better Ideas how to correct or omit the appended $ in the name check script?

Thanks,
Chuck

mm2270 · ‎07-28-2016

@FastGM3 The $ at the end of the computer name is standard computer naming convention when creating computer accounts in AD. Don's script should be cropping off that trailing $ character, but the method being used isn't one I would do personally. I'd use sed to remove it instead.
If for some reason its not actually removing that character as it is, you can try swapping out this line:

AD_NAME=$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev | awk '{print toupper}')

with this:

AD_NAME=$(dsconfigad -show | awk '/Computer Account/{print $NF}' | sed 's/$$//g' | awk '{print toupper}')

That should work to remove it and uppercase the string, making the local computer name and AD name ready for comparing to each other.

HTH.

listec · ‎01-07-2018

This could be optimized a bit more to...

AD_NAME=$(dsconfigad -show | awk '/Computer Account/{print toupper($NF)}' | sed 's/$$//g')

Jamf Nation Community

Script help for "Check AD name mismatch" EA