Skip to main content

Can someone please post an example of how to use the sudo jamf runScript syntax to call an existing script on the JSS server?



I was hoping I could use it like such:



sudo jamf runScript -id 128


But alas it does not work like Policies do.



No mention of a way to do this in the help page. Seems like a no-brainer, no?



Usage: jamf runScript -script <file name> -path <path to script> [-computerName <computerName>]
[-target <target volume>] [-username <username>] [-p1 <parameter 1>] [-p2 <parameter 2>]
[-p3 <parameter 3>] [-p4 <parameter 4>] [-p5 <parameter 5>] [-p6 <parameter 6>]
[-p7 <parameter 7>] [-p8 <parameter 8>]



-script The file name of the script to run



-path The path to the script



-computerName The name of the computer to be passed to the script
If the name is not specified, it will be looked up on the target drive.



-target The target drive to be passed to the script



-username The username to be passed to the script



-p[1-8] The parameters to be passed to the script



Notes: Parameters in scripts created for use with the Casper Suite must be
formatted in a certain way. The parameters passed to the script are as follows:
Target Drive
Computer Name
Username
Parameter 1
Parameter 2
Parameter 3
Parameter 4
Parameter 5
Parameter 6
Parameter 7
Parameter 8

I'm not seeing the -id option, seems like a means of running a local script.

Yeah, looks like it's meant to just call a local script on the machine. The -script and -path options seem to suggest that it can't be called from outside the machine. Would be nice functionality to have, like jamf policy -event, but saves the trouble of including a script in a policy to call.

Seems weird that I can't use a JAMF command to call a script that lives on JAMF JSS on a system managed by JAMF.



All my Macs have a company-specific directory located at /Library/MyCompany/Scripts/foo, but Im trying to get away from needing "monolithic" local scripts in favor of...you know...something more dynamic and robust...like...JAMF!



I can run a script via Casper Remote, but sometimes it would be nice to do it over SSH etc.



I can't be the first customer to mention this, right?



Feature Request!

Yes, its for running a local script, not something from your JSS.
But as an example, I use it often when I'm testing a local .sh script on my Mac as I design it that uses passed parameters. So I can do something like:



sudo jamf runScript -script myscript.sh -path ~/Desktop -p1 "parameter1" -p2 "parameter2"


etc.. And it runs the script as if it ran from my JSS with passed params to $4 and $5

What you can try and do is as a workaround to run an existing sript on the JSS:




  1. Create your Script in the JSS under scripts call it 'myscript'

  2. Create a Policy same name as the script above: 'myscript'
    a. under Options Tab > Scripts add the script 'myscript'
    b. set your parameters in the textboxes



3 .Under Options Tab > General check off [x] Enable, check off [x] Custom box within Trigger, excution frequency: Ongoing a. Create a custom event. Name it 'myscript'



Now you can run the command via SSH or locally:



sudo jamf policy -event "myscript"



*make sure to keep the quotes



Hope this Helps Let me know if that works!



Good luck!
[bk]

Seems weird that I can't use a JAMF command to call a script that lives on JAMF JSS on a system managed by JAMF.


Scripts are not scoped, so there is no way to restrict access to them if they worked the way you're trying. Imagine if a user just cycled through possible script IDs and had a program capture every script on your JSS? Or could run scripts that elevate privileges or perform other restricted actions?



Scripts need a policy.

Reply


Terms & ConditionsCookie settings