Script to Capture Extension Attribute Value Returns Nothing

sim_brar
New Contributor III

Hi everyone,

I have mashed together the following script to report a managed device's current LAPS password, which is stored as an extension attribute on the JSS.

Unfortunately, when I run the script, nothing is returned (no errors either).

#!/bin/bash

apiUser=""
apiPass=""
apiURL=$(/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url | sed 's|/$||')
udid=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')
extAttName=""LAPS""

LAPS_Password=$(curl -s -f -u $apiUser:$apiPass -H "Accept: application/xml" $apiURL/JSSResource/computers/udid/$udid/subset/extension_attributes | xpath "//extension_attribute[name=$extAttName]" 2>&1 | awk -F'<value>|</value>' '{print $2}')

echo $LAPS_Password

Does anyone know what may be going wrong here?

1 ACCEPTED SOLUTION

sim_brar
New Contributor III

Update: It turns out that the API password "apiPass" was too complex (i.e. alphanumeric) for the script (seen here also: https://www.jamf.com/jamf-nation/discussions/27059/api-authentication-doesn-t-work). Simplifying the password resolved the issue.

View solution in original post

4 REPLIES 4

sim_brar
New Contributor III

Update: It turns out that the API password "apiPass" was too complex (i.e. alphanumeric) for the script (seen here also: https://www.jamf.com/jamf-nation/discussions/27059/api-authentication-doesn-t-work). Simplifying the password resolved the issue.

djrory
Contributor

@sim.brar Did you ever come across this? I copied your script line for line and changed only the EA name and credentials to match mine.

apiURL=$(/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url | sed 's|/$||')
udid=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')
extAttName=""UserCN""

LAPS_Password=$(curl -s -f -u $apiUser:$apiPass -H "Accept: application/xml" $apiURL/JSSResource/computers/udid/$udid/subset/extension_attributes | xpath "//extension_attribute[name=$extAttName]" 2>&1 | awk -F'<value>|</value>' '{print $2}')

echo UserCN: $LAPS_Password

454bdf6ee8f54b1daaef5b4f76c9b058
1eff847ffca44d38b0b1a77deb088753

marc_beuvin
New Contributor II

Hi djrory,

I was encountering the same issue on a script running fine from a while.

The issue is coming from Big Sur : Dealing with xpath changes in Big Sur

Hope this helps...

sim_brar
New Contributor III

@djrory @marc.beuvin yup, please see the same script, updated for Big Sur:

#!/bin/bash

apiUser=""
apiPass=""
apiURL=$(/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url | sed 's|/$||')
udid=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')
extAttName=""LAPS""

LAPS_Password=$(curl -s -f -u $apiUser:$apiPass -H "Accept: application/xml" $apiURL/JSSResource/computers/udid/$udid/subset/extension_attributes | xpath -e "//extension_attribute[name=$extAttName]" 2>&1 | awk -F'<value>|</value>' '{print $2}' | tail -n +1)

echo $LAPS_Password