Smart Group question

tls2t
New Contributor II

I've only just recently begun playing with smart groups, and I'm stuck trying to figure them out.

What I'd like to do is create a smart group based on having a specific package (CS6) installed from Casper, so it can install an update to that particular software. Once it's done that, I'd like for it to remove itself from that group, so it doesn't keep trying to install the update over and over again.

Is this something that's even possible with smart groups? If not, are there any recommendations to how I can do this?

9 REPLIES 9

daworley
Contributor II

Yes, in general the workflow you want is possible with smart groups but it all comes down to determining the specific criteria.

One major key with smart groups tied to policies is to find the smallest unique quality that defines the before-and-after states that you want to bridge. The other is a pathological use of Recon in your policies so the logic in the smart group(s) update according to what you are doing in the policy.

Are you using an AAMEE package? If so, you might look at the "Packages installed by Installer/SWU" option.

Otherwise, potentially the "Application Version" key might be something to create the smart group around. Something like "Application Version [Photoshop] is not [current version]"

I don't have a JSS in front of me right now, so I might not have the exact syntax correct in my example, but hopefully this is enough to help get you on track.

stevewood
Honored Contributor II
Honored Contributor II

Smart Groups behave just like Smart Lists in iTunes, they search for a certain criteria that you've set, and once met, the item that meets that criteria is added to the group.

In your example, I would create an SG that looked at Receipts Information and used the Packages Installed by Casper item. From there you can click on the elipses (three dots) to choose the package receipt to look for. I have not deployed CS6 here, so instead I used the package receipt for the Acrobat 10.1.3 update as my example in the images here:

external image link

Hopefully that makes sense. That will give you an SG showing all of the machines that have CS6 installed by Casper.

However, there's more to it if you want to remove it from that group after the update is installed. Doug's mention of "...a pathological use of Recon..." is pretty descriptive. And his idea of using the version number of an app may be better.

I would attack this one of two ways: 1) drop a dummy receipt in /Library/Application Support/JAMF/Receipts indicating it was a machine that needed update and remove that receipt once patched (along with a few recons to clear the flags), or 2) I would scope based on the version of the app you are patching using Extension Attributes. Option 2 is probably the cleanest method.

Going with Option 2, write an EA that pulls the version number of say Photoshop. That EA could be as simple as:

#!/bin/sh

# grab the version from Photoshop 
version=`efaults read /Applications/Adobe Photoshop CS5.1/Adobe Photoshop CS5.1.app/Contents/Info CFBundleShortVersionString`

echo "<result>$version</result>"

Now scope your SG to that Extension Attribute to populate your SG. Once you've done the update, make sure you run recon at the end, and that should update the EA and pull the machine out of your SG.

Make sense?

HTH

Steve

tls2t
New Contributor II

@stevewood

That was my initial thinking in how to make a smart group as well. However, my Adobe .pkg is wrapped in a .dmg (only way I could get it to work), and when I go the route of selecting "Packages Installed by Casper," then click the ellipsis button, I have no choices at all to choose from.

external image link

So, I manually typed the name of the .dmg package in, and my test computer does not seem to join the smart group.

stevewood
Honored Contributor II
Honored Contributor II

DMG files will not leave a receipt, I believe. And to do what you're trying, you'll probably want to go the Extension Attribute method as I mentioned further down in my post. The SG example I gave was simply a way to show you how it should work.

daworley
Contributor II

@barret55: In order for the package to show up when you click on the ellipsis, the JSS has to have installed that package at least once using the Casper Tools.

I use either Casper Remote or a Self-Service policy to accomplish that step. Once Casper has installed that package once, that ellipsis menu should list the package as an option. You might have to refresh your browser to get that new information.

Kumarasinghe
Valued Contributor

DMG files will leave a receipt. I just checked mine and I can see DMGs in 'Pakages Installed By Caper' list

mm2270
Legendary Contributor III

Doug is correct. Deploy the package at least once to a managed client and it will then show up in the "Packages installed by Casper" choices when you click the ellipses. All deployed packages leave a receipt when done through the Casper Suite methods.

tls2t
New Contributor II

Turns out I had missed one thing regarding that.

After speaking with tech support on an unrelated issue, I dropped the problem by him. Turns out that I needed to check

Settings > Inventory Options > Inventory Collection Preferences > Package Receipts > Collect Package Receipts

Once I did that, the list started populating.

Funny how it's always the little things that make the biggest difference.

jarednichols
Honored Contributor

Ah yes, check your cables. :)