05-09-2023 12:26 PM - edited 05-09-2023 12:28 PM
I have an Extension Attribute that reports back the expiration date of a PIV Authentication certificate on a Yubikey.
When inventory runs and a user has their Yubikey inserted it reports <result>YYYY-MM-DD</result>.
This works very well. If the user does not have a Yubikey inserted when inventory runs the EA does not report any result back to the server.
My issue is the EA then ends up being blank. I would prefer it to keep the old results if no result was reported.
Is this the expected behavior?
Solved! Go to Solution.
Posted on 05-09-2023 01:19 PM
Yes, this is expected behavior, because as far as Jamf Pro is concerned, every time a Mac runs an inventory report, it overwrites the various inventory details about that device when it uploads the results. As Extension Attributes get run each time on inventory collection, a blank result from the script will upload a blank result back to Jamf for that computer. They have no inherent knowledge of a previously gathered result.
That said, there is a solution you can consider. You could write your EA to export the results, when it finds a valid result, into a local file or plist somewhere on the Mac, and then on each run of the EA script, if the result comes back empty, pull the old result and use that instead as what to send back to Jamf.
I don't know what your full EA script looks like, but here's a rough outline of how this can be done
#!/bin/zsh
results=$(command to get the result goes here)
if [ -z "$results" ]; then
if [ -e "/Library/SomeFolder/lastresults" ]; then
results=$(/bin/cat "/Library/SomeFolder/lastresults")
else
results="N/A"
fi
else
/bin/echo "$results" > "/Library/SomeFolder/lastresults"
fi
/bin/echo "<result>$result</result>"
.
Posted on 05-09-2023 01:19 PM
Yes, this is expected behavior, because as far as Jamf Pro is concerned, every time a Mac runs an inventory report, it overwrites the various inventory details about that device when it uploads the results. As Extension Attributes get run each time on inventory collection, a blank result from the script will upload a blank result back to Jamf for that computer. They have no inherent knowledge of a previously gathered result.
That said, there is a solution you can consider. You could write your EA to export the results, when it finds a valid result, into a local file or plist somewhere on the Mac, and then on each run of the EA script, if the result comes back empty, pull the old result and use that instead as what to send back to Jamf.
I don't know what your full EA script looks like, but here's a rough outline of how this can be done
#!/bin/zsh
results=$(command to get the result goes here)
if [ -z "$results" ]; then
if [ -e "/Library/SomeFolder/lastresults" ]; then
results=$(/bin/cat "/Library/SomeFolder/lastresults")
else
results="N/A"
fi
else
/bin/echo "$results" > "/Library/SomeFolder/lastresults"
fi
/bin/echo "<result>$result</result>"
.
Posted on 05-09-2023 01:22 PM
Brilliant! I already do that with other EAs. I should have thought of that myself.
Thanks!