Help

Script to create dummy process

k3vmo
Contributor II

Posted on ‎01-18-2019 11:41 AM

Our enterprise is looking for a solution to identify corporate assets when they connect via VPN. In simple terms - they want to be able to scan for a process specific to our company. On Windows Systems - they look for a registry entry that matches and two company-specific processes

The simplest way I can think to do this is to create a process 'company' and something to respawn the process if it is force quit or crashes.

Can I accomplish this in a script - or would I need a full blown app and something in launchd to restart it?

Please keep in mind that I don't yet have Jamf in place.

There are two of us supporting 200 macs - manually at the moment

A lot of my users don't restart - so I can't rely on login items as the function to execute it.

Thoughts?

0 Kudos
3 REPLIES 3

sdagley
Esteemed Contributor II

Posted on ‎01-19-2019 08:26 PM

@k3vmo If you need a process that's always running on your client machines you'll want to take a look at LaunchDaemons. You'll find many discussions of them if you search Jamf Nation for LaunchDaemon, and the web site www.launchd.info is a great reference. For creating and testing LaunchDaemons, LaunchControl (the web site seems to be down as I write this) by soma-zone is a great tool.

0 Kudos

lkrasno
Contributor II

Posted on ‎01-20-2019 10:30 AM

Whats the end goal for your discovery ? Are you looking for machines you need to provision with JAMF?

If you don't have JAMF how do you plan to distribute this "process" ? Do your corp Macs have an admin account perhaps you can test access to instead ? Consider utilizing RECON ?

Unruly Uptime Fix

0 Kudos

k3vmo
Contributor II

Posted on ‎01-21-2019 08:06 PM

@lkrasno No - the network team needs to be able to ID a machine as a company owned asset - for some sort of extra security layer.

I'm hoping I can bundle whatever I figure out in a .pkg file and send via ARD. I at least have an up-to-date list of all of my systems. Yes - each system has an admin account - however, it's based on the asset ID number - such as . 402564admin . with the # being the asset number. That, alone, would be too easy to spoof

0 Kudos