Simple Scripting Help

saulv
New Contributor III

I have had an issue recently where some of my student laptops are not binding to our Open Directory Server. I can cure this by Unbinding and Rebinding. Through trial and error, it seems that the issue is related to the Keychain Entry for the LDAP somehow getting corrupted or removed. In the meantime, since I was unable to find any clear answer to the Why, I am trying to write a script that will at least fix the issue, so kids can log-in.

My script is simply:

sudo dsconfigldap -r generic11.generic.org

sudo dsconfigldap -a generic11.generic.org

But the most important part is likely the prompt(see pic below) Is there away to script that to answer Y?

Any help or suggestions are greatly appreciated.
eb2174b4704d44bbbf3ec87961c2a5ae

6 REPLIES 6

bentoms
Release Candidate Programs Tester

Have a look at yes)

AdamCraig
Contributor III

Without testing thoroughly something like this should work

#!/bin/sh
expect -c "
spawn sudo dsconfigldap -r generic11.generic.org
expect "Would you like to add them to system keychain automatically (y/n)?"
send "y"
expect"

saulv
New Contributor III

Thanks Strayer.

I used the following script, but it errors out when I run it in self-service. When I go to the Jamf policy logs, it gives no real info other than executing script. Also, the Y needs an enter after. Does your script account for that? Thanks again, I'm just not very script savvy.

!/bin/sh

expect -c "
spawn sudo dsconfigldap -r generic11.generic.org

spawn sudo dsconfigldap -a generic11.generic.org

expect "Would you like to add them to system keychain automatically (y/n)?"
send "y"
expect"

rlandgraf
Contributor

@saulv

Try this as the send y line:
send "y ";

saulv
New Contributor III

I appreciate all the help, but I cannot for the life of me get this to work. Now I have simply tried to run this.

!/bin/sh
sudo dsconfigldap -r generic11.generic.org

With the Directory Utility open so I can see the result(which should be to unbind), but nothing happens when I push this to the machine via Jamf Policy.

If I type it into Terminal directly, it works fine. What the heck am I missing? Doesn't SUDO give me authority to execute this? Do I need to script the password into the policy?

Look
Valued Contributor III

Self service doesn't want or need sudo unless your trying to run something as another user. Likewise any policies or JAMF Remote.