Skip to main content
Question

Script to create dummy process

  • January 18, 2019
  • 3 replies
  • 12 views
K
Forum|alt.badge.img+12
  • k3vmo
  • Valued Contributor
  • 100 replies

Our enterprise is looking for a solution to identify corporate assets when they connect via VPN. In simple terms - they want to be able to scan for a process specific to our company. On Windows Systems - they look for a registry entry that matches and two company-specific processes

The simplest way I can think to do this is to create a process 'company' and something to respawn the process if it is force quit or crashes.

Can I accomplish this in a script - or would I need a full blown app and something in launchd to restart it?

Please keep in mind that I don't yet have Jamf in place.

There are two of us supporting 200 macs - manually at the moment

A lot of my users don't restart - so I can't rely on login items as the function to execute it.

Thoughts?

    3 replies

    sdagley
    Forum|alt.badge.img+25
    • sdagley
    • Jamf Heroes
    • 3567 replies
    • January 20, 2019

    @k3vmo If you need a process that's always running on your client machines you'll want to take a look at LaunchDaemons. You'll find many discussions of them if you search Jamf Nation for LaunchDaemon, and the web site www.launchd.info is a great reference. For creating and testing LaunchDaemons, LaunchControl (the web site seems to be down as I write this) by soma-zone is a great tool.

    L
    Forum|alt.badge.img+11
    • lkrasno
    • Contributor
    • 80 replies
    • January 20, 2019

    Whats the end goal for your discovery ? Are you looking for machines you need to provision with JAMF?

    If you don't have JAMF how do you plan to distribute this "process" ? Do your corp Macs have an admin account perhaps you can test access to instead ? Consider utilizing RECON ?

    Unruly Uptime Fix

    K
    Forum|alt.badge.img+12
    • k3vmo
    • Author
    • Valued Contributor
    • 100 replies
    • January 22, 2019

    @lkrasno No - the network team needs to be able to ID a machine as a company owned asset - for some sort of extra security layer.

    I'm hoping I can bundle whatever I figure out in a .pkg file and send via ARD. I at least have an up-to-date list of all of my systems. Yes - each system has an admin account - however, it's based on the asset ID number - such as . 402564admin . with the # being the asset number. That, alone, would be too easy to spoof


    Terms & ConditionsCookie settingsAccessibility statement