Skip to main content

Our enterprise is looking for a solution to identify corporate assets when they connect via VPN. In simple terms - they want to be able to scan for a process specific to our company. On Windows Systems - they look for a registry entry that matches and two company-specific processes



The simplest way I can think to do this is to create a process 'company' and something to respawn the process if it is force quit or crashes.



Can I accomplish this in a script - or would I need a full blown app and something in launchd to restart it?



Please keep in mind that I don't yet have Jamf in place.



There are two of us supporting 200 macs - manually at the moment



A lot of my users don't restart - so I can't rely on login items as the function to execute it.



Thoughts?

@k3vmo If you need a process that's always running on your client machines you'll want to take a look at LaunchDaemons. You'll find many discussions of them if you search Jamf Nation for LaunchDaemon, and the web site www.launchd.info is a great reference. For creating and testing LaunchDaemons, LaunchControl (the web site seems to be down as I write this) by soma-zone is a great tool.

Whats the end goal for your discovery ? Are you looking for machines you need to provision with JAMF?



If you don't have JAMF how do you plan to distribute this "process" ? Do your corp Macs have an admin account perhaps you can test access to instead ? Consider utilizing RECON ?



Unruly Uptime Fix

@lkrasno No - the network team needs to be able to ID a machine as a company owned asset - for some sort of extra security layer.



I'm hoping I can bundle whatever I figure out in a .pkg file and send via ARD. I at least have an up-to-date list of all of my systems. Yes - each system has an admin account - however, it's based on the asset ID number - such as . 402564admin . with the # being the asset number. That, alone, would be too easy to spoof

Reply


Terms & ConditionsCookie settings