- Jamf Nation Community
- Products
- Jamf Pro
- Self Service Question
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Self Service Question
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-25-2009 01:39 PM
Is there a away to offer a self service policy to only one specified local user, such as the "admin", and not any other user account?
Thanks,
Cindi Starr
Rapid City Area Schools
? Computer Support Specialist
16 REPLIES 16
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-25-2009 01:43 PM
There are ways to do this, but what is your ultimate goal here?
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-25-2009 01:50 PM
Couldn't you just place the Self Service app in the admin's home/ Applications folder, and for extra protection, restrict the Self Service app from running for everyone except the admin?
Matt Martin
Pratt Institute Manhattan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-25-2009 01:54 PM
Then you can't have anyone else run self service, I am assuming they
want just a certain policy to be assigned to local admin, which you can
do via shell script with a manual trigger policy. I already have a mock
up script written but I am waiting for the original poster to explain
what they want to accomplish first.
Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
blackberry: 913-449-7589
office: 913-627-0351
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-25-2009 02:01 PM
Basically... I just want the local admin account to have access to two apps/policies in self service, in which none of the other users can have access too. Such as a quick add package, etc. I see where you can restrict it to User Groups, I just would like to restrict it to one user.
Cindi Starr
Rapid City Area Schools
? Computer Support Specialist
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-25-2009 02:12 PM
Well if the casper binary was not present running quickadd from self
service would be kind of hard.....
OK, well this is how you do it. First create your policy and set the
trigger to custom and in the little text box set the name of it. Then
whenever you open up terminal from any managed computer and type "jamf
policy -trigger mycustomtrigger" with out the quotes it will trigger
your policy. I wrote a simple shell script that checks if the currently
logged in user is part of the admin group, group 80. If not it exits,
but if that user is part of the admin group then the custom policy gets
triggered. Here it is:
#!/bin/bash
#execute self service policy only if current user is in admin group
#first we need to get the currently logged in user's name
current_user=/bin/ls ?l /dev/console | cut ?d " " ?f 4
#now we are going to compare this current user to the admin group via
dscl
admin_group=/usr/bin/dscl . read /Groups/admin | grep $current_user -c
#now looping varibales to run custom policy via casper #this requires that the casper client be installed on your client system
#you must edit the trigger of your policy for it to work
if [ $admin_group -eq 1 ]
then /usr/sbin/jamf policy -trigger MyCustomPolicy
else echo "$current_user not found in admin group, exiting"
fi
done
exit 0
In my script you need to change the MyCustomPolicy to whatever you named
your custom trigger, and it will execute that policy. If any other user
tries to run it, it echos out their user name and says not found in
admin group. Also note the computer must still be in your scope too to
run custom triggered policies.
Would that help you? Also, I don't provide warranty with my scripts so
please test it out before you deploy it.
Thanks
Tom
Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
blackberry: 913-449-7589
office: 913-627-0351
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 06:02 AM
Is there a way to have a hyperlink within Self Service open in a different browser? I've tried in the past and I could never find a solution. I have a piece of software that for whatever reason has individual licenses for each user that registers it. I want to at least put the proper link so they can get the information. However, the link breaks within Self Service.
Thanks
Allen
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 06:15 AM
So you want to spawn off the default browser instead of the link being active in Self Service and displaying the webpage from within Self Service?
j
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 06:18 AM
Yep, pretty much. The link doesn't work within Self Service. So I'm trying to figure out a way of opening it in a different browser. For now I'm just going to say copy/paste the link to another browser.
Allen
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 06:54 AM
I actually asked this question a couple months ago. With the current Self Service I don't believe it's a possibility. I was able to get my link to open in the self service window, but couldn't ever get a new browser window to open.
The JAMF folks at WWDC showed us a little preview of 8.2 and self service is getting a major overhaul that will allow administrators to add URL plugins that run in tabs alongside the Self Service app.
Bob
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 07:00 AM
How about putting a script into self service, something like:
#!/bin/sh
open http://www.some.site -a /Applications/Safari.app/
Leslie N. Helou
Senior Systems Engineer
Bell Techlogix
8888 Keystone Crossing, Suite 1700
Indianapolis, IN 46240
317.704.6408
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 07:14 AM
That works for now. Thanks!
Allen
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 08:43 AM
Leslie beat me to it, +1 Internets for you. You could also apple script it as well, but shell is more light weight.
-Tom
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 09:26 AM
Not sure if I follow. Or maybe I misread the question…
This solution works great if you want your policy to launch a link.
But in my particular case, we've got an internal support wiki that I would like to link to in the Description field of a Self Service policy. I can add a link, and it pulls up our wiki in the Self Service window, but I want it to launch in a new Safari window.
I think this is what the OP was asking for, no?
Bob
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 09:38 AM
This is true. Let's explore why the link within Self Service wasn't working. As far as I can tell, it's just a webkit instance. Can the OP explain a bit on what breaks?
j
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-15-2011 11:24 AM
So we have an application that requires each user to register on the vendor's site (we have a site license portal). The registration part is fine within Self Service, but the download aspect fails. Leslie's suggestion worked just fine for me. I just have a policy that runs open http://somesite -a /Application/Firefox.app, the user logs in and downloads the application. Our users for the most part have admin rights (I know I know), so they can install the app.
I've asked the vendor if I could have a single serial so I could do a snapshot, but they only provide me with a limited activation license for a lab setup.
Thanks
Allen
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-21-2011 11:36 AM
Bob,
Can you just use standard HTML to open to a new window via the anchor tag?
<a href="http://some.place.com/" target="_blank">Our Link</a> in the description.
The attribute "target" is the key here.
--
James Fuller | Technology Application Services | application developer II
