Script that calls Custom Trigger called by Self Service Not Working

eaititig
New Contributor II

Hi,

I have a script:-

#!/bin/sh
/usr/local/jamf/bin/jamf policy -event soe

(nb: also tried -trigger)

This script is attached to a Policy that is available in Self Service.

I can launch it from Self Service and I see in the logs "Checking for policy ID XXX..." but nothing actually gets fired off.

If I run the command manually on the machine, it works just fine, just doesn't seem to work via script/self service.

1 ACCEPTED SOLUTION

Look
Valued Contributor III

Do you have a user scope for the SOE policies, the script call will not run as the logged in user (as opposed to when you do it in terminal) so if there is a user scope it may not trigger.
The Self Service policy can be scoped by user as it has a user to check against, but the second jamf policy call from the script won't be.

View solution in original post

7 REPLIES 7

tlarkin
Honored Contributor

is the computer you are running the policy on in scope of policy poe? and is it set to ongoing frequency?

eaititig
New Contributor II

Yeah the policies with the Custom Trigger of soe are all set to Ongoing. And it works if I call i from Terminal, just doesn't seem to run when it's in a script called from Self Service.

Look
Valued Contributor III

Do you have a user scope for the SOE policies, the script call will not run as the logged in user (as opposed to when you do it in terminal) so if there is a user scope it may not trigger.
The Self Service policy can be scoped by user as it has a user to check against, but the second jamf policy call from the script won't be.

View solution in original post

andrew_nicholas
Valued Contributor

That path to the binary looks wrong. Unless you moved or created a symlink shouldn't it be:

/usr/local/bin/jamf

[edit] Ignore me, I forgot that path exists. But for giggles what happens if you replace it with the above path?

andrew_nicholas
Valued Contributor

Something else, when running it via terminal is your local shell still bash? What happens if you change the shebang to #!/bin/bash instead?

diradmin
Contributor II

.

eaititig
New Contributor II

Ah so I had limited the policy in Self Service with a local JAMF user ... so that if you log in as that user you get access to the policy but as mentioned above, it looks like the policy is then not run because of that limitation. When I took it off, it worked as expected.