Posted on 10-01-2019 07:40 PM
Hi everyone,
I have mashed together the following script to report a managed device's current LAPS password, which is stored as an extension attribute on the JSS.
Unfortunately, when I run the script, nothing is returned (no errors either).
#!/bin/bash
apiUser=""
apiPass=""
apiURL=$(/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url | sed 's|/$||')
udid=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')
extAttName=""LAPS""
LAPS_Password=$(curl -s -f -u $apiUser:$apiPass -H "Accept: application/xml" $apiURL/JSSResource/computers/udid/$udid/subset/extension_attributes | xpath "//extension_attribute[name=$extAttName]" 2>&1 | awk -F'<value>|</value>' '{print $2}')
echo $LAPS_Password
Does anyone know what may be going wrong here?
Solved! Go to Solution.
Posted on 10-01-2019 08:26 PM
Update: It turns out that the API password "apiPass" was too complex (i.e. alphanumeric) for the script (seen here also: https://www.jamf.com/jamf-nation/discussions/27059/api-authentication-doesn-t-work). Simplifying the password resolved the issue.
Posted on 10-01-2019 08:26 PM
Update: It turns out that the API password "apiPass" was too complex (i.e. alphanumeric) for the script (seen here also: https://www.jamf.com/jamf-nation/discussions/27059/api-authentication-doesn-t-work). Simplifying the password resolved the issue.
Posted on 03-25-2021 04:50 PM
@sim.brar Did you ever come across this? I copied your script line for line and changed only the EA name and credentials to match mine.
apiURL=$(/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url | sed 's|/$||')
udid=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')
extAttName=""UserCN""
LAPS_Password=$(curl -s -f -u $apiUser:$apiPass -H "Accept: application/xml" $apiURL/JSSResource/computers/udid/$udid/subset/extension_attributes | xpath "//extension_attribute[name=$extAttName]" 2>&1 | awk -F'<value>|</value>' '{print $2}')
echo UserCN: $LAPS_Password
Posted on 03-26-2021 03:21 AM
Hi djrory,
I was encountering the same issue on a script running fine from a while.
The issue is coming from Big Sur : Dealing with xpath changes in Big Sur
Hope this helps...
Posted on 03-26-2021 05:03 PM
@djrory @marc.beuvin yup, please see the same script, updated for Big Sur:
#!/bin/bash
apiUser=""
apiPass=""
apiURL=$(/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url | sed 's|/$||')
udid=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')
extAttName=""LAPS""
LAPS_Password=$(curl -s -f -u $apiUser:$apiPass -H "Accept: application/xml" $apiURL/JSSResource/computers/udid/$udid/subset/extension_attributes | xpath -e "//extension_attribute[name=$extAttName]" 2>&1 | awk -F'<value>|</value>' '{print $2}' | tail -n +1)
echo $LAPS_Password