- Jamf Nation Community
- Products
- Jamf Pro
- Re: Updating an Extension Attribute via Policy
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-04-2023 01:45 AM
Hi Folks,
I'm trying to find a way to update our extension attribute every 5 minutes, but only one specific, so i don't want to mess with the inventory collection.
I figured my best bet is to create a script that does the same as it does now for the EA, but instead of just doing a <results> echo, writing it directly using the API
I still need to redo my JAMF 400 since i found the whole API thing so confusing, but i think i have the idea down.
would this be effective/would you do it differently?
-credentials
-grab serial number from system profiler
-use serial to grab the computer ID using the API (so
"https://***.jamfcloud.com/JSSResource/computers/serialnumber/$serial_number")
-execute the script (in this case, it checks the IP for a specific interface)
-writes the value using the API by using the previously fetched ID (i think this should go via the computer then, not clear if there's a better way?)
as you might be able to tell, i kind of know what to do but still feel lost, tips/hints would be greatly appreciated.
-execute the script (in this case, it checks the IP for a specific interface)
-writes the value using the API by using the previously fetched ID (i think this should go via the computer then, not clear if there's a better way?)
as you might be able to tell, i kind of know what to do but still feel lost, tips/hints would be greatly appreciated.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-04-2023 05:24 AM
We are writing some EAs trough the API. But instead of using the Serial and the API to get the JAMF-ID of a Computer we are using the UDID of each Computer.
I posted some parts of the script:
#Grab UDID
computerUDID=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')
# Construct the API data for writing
apiData="<computer><extension_attributes><extension_attribute><name>${eaName}</name><value>${eaValue}</value></extension_attribute></extension_attributes></computer>"
# Writing API-Data (Classic Auth, Tokenauth is prototyped for the moment)
apiPut=`curl -H "Content-Type: text/xml" -sfu ${apiUsername}:${apiPassword} ${apiURL}/JSSResource/computers/udid/${computerUDID} -d "${apiData}" -X PUT` If someone wants to use the ID they will have to ether get it trough the API with the help of the Serial Number or running a full inventory trough a script once grep the ID and Save it in a local file to read whenever it is needed....
If you want this every 5 Minutes then as @jamf-42 wrote you should create a launchdaemon running the script locally.
What we normally do for this is creating the script and launchdaemon. Packaging them together. Scripts are going into the opt folder in our case. Postinstall script bootstraping the Daemon. Then sending this package to every Computer ,we want this to be run on, as a policy once per Computer.
Reply
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-04-2023 01:53 AM
I'd be looking at a launchdeamon with interval
https://eclecticlight.co/2021/09/13/running-software-automatically-using-launchd/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-04-2023 02:20 AM
While still using the same setup with API write etc, but simply run locally on the users device?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-04-2023 05:24 AM
We are writing some EAs trough the API. But instead of using the Serial and the API to get the JAMF-ID of a Computer we are using the UDID of each Computer.
I posted some parts of the script:
#Grab UDID
computerUDID=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')
# Construct the API data for writing
apiData="<computer><extension_attributes><extension_attribute><name>${eaName}</name><value>${eaValue}</value></extension_attribute></extension_attributes></computer>"
# Writing API-Data (Classic Auth, Tokenauth is prototyped for the moment)
apiPut=`curl -H "Content-Type: text/xml" -sfu ${apiUsername}:${apiPassword} ${apiURL}/JSSResource/computers/udid/${computerUDID} -d "${apiData}" -X PUT` If someone wants to use the ID they will have to ether get it trough the API with the help of the Serial Number or running a full inventory trough a script once grep the ID and Save it in a local file to read whenever it is needed....
If you want this every 5 Minutes then as @jamf-42 wrote you should create a launchdaemon running the script locally.
What we normally do for this is creating the script and launchdaemon. Packaging them together. Scripts are going into the opt folder in our case. Postinstall script bootstraping the Daemon. Then sending this package to every Computer ,we want this to be run on, as a policy once per Computer.
Reply
