Help

Simple Scripting Help

saulv
New Contributor III

Posted on ‎01-02-2020 10:48 AM

I have had an issue recently where some of my student laptops are not binding to our Open Directory Server. I can cure this by Unbinding and Rebinding. Through trial and error, it seems that the issue is related to the Keychain Entry for the LDAP somehow getting corrupted or removed. In the meantime, since I was unable to find any clear answer to the Why, I am trying to write a script that will at least fix the issue, so kids can log-in.

My script is simply:

sudo dsconfigldap -r generic11.generic.org

sudo dsconfigldap -a generic11.generic.org

But the most important part is likely the prompt(see pic below) Is there away to script that to answer Y?

Any help or suggestions are greatly appreciated.
eb2174b4704d44bbbf3ec87961c2a5ae

Labels:
0 Kudos
Reply
6 REPLIES 6

bentoms
Release Candidate Programs Tester

Posted on ‎01-02-2020 10:59 AM

Have a look at yes)

0 Kudos
Reply

AdamCraig
Contributor III

Posted on ‎01-02-2020 11:37 AM

Without testing thoroughly something like this should work

#!/bin/sh
expect -c "
spawn sudo dsconfigldap -r generic11.generic.org
expect "Would you like to add them to system keychain automatically (y/n)?"
send "y"
expect"
0 Kudos
Reply

saulv
New Contributor III

Posted on ‎01-02-2020 12:25 PM

Thanks Strayer.

I used the following script, but it errors out when I run it in self-service. When I go to the Jamf policy logs, it gives no real info other than executing script. Also, the Y needs an enter after. Does your script account for that? Thanks again, I'm just not very script savvy.

!/bin/sh

expect -c "
spawn sudo dsconfigldap -r generic11.generic.org

spawn sudo dsconfigldap -a generic11.generic.org

expect "Would you like to add them to system keychain automatically (y/n)?"
send "y"
expect"

0 Kudos
Reply

rlandgraf
Contributor

Posted on ‎01-02-2020 12:43 PM

@saulv

Try this as the send y line:
send "y ";

Reply

saulv
New Contributor III

Posted on ‎01-02-2020 03:00 PM

I appreciate all the help, but I cannot for the life of me get this to work. Now I have simply tried to run this.

!/bin/sh
sudo dsconfigldap -r generic11.generic.org

With the Directory Utility open so I can see the result(which should be to unbind), but nothing happens when I push this to the machine via Jamf Policy.

If I type it into Terminal directly, it works fine. What the heck am I missing? Doesn't SUDO give me authority to execute this? Do I need to script the password into the policy?

0 Kudos
Reply

Look
Valued Contributor III

Posted on ‎01-02-2020 04:45 PM

Self service doesn't want or need sudo unless your trying to run something as another user. Likewise any policies or JAMF Remote.

0 Kudos
Reply