Skip to content

sean-rabbitt/jamf-extension-attributes

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits

Add IDP Login as Alias to Local.sh

Add IDP Login as Alias to Local.sh

 
 

Count of Jamf Connect Users.sh

Count of Jamf Connect Users.sh

 
 

Is Jamf Connect login enabled.sh

Is Jamf Connect login enabled.sh

 
 

LICENSE

LICENSE

 
 

Last Jamf Connect menu bar agent login within range.sh

Last Jamf Connect menu bar agent login within range.sh

 
 

Look for Network Users.sh

Look for Network Users.sh

 
 

Look for Unmigrated Users.sh

Look for Unmigrated Users.sh

 
 

README.md

README.md

 
 

jamfHelperUtility.sh

jamfHelperUtility.sh

 
 

Repository files navigation

jamf-extension-attributes

Useful extension attributes I've created for Jamf Pro servers

All code is offered free, as in beer. As in I'll gladly take one. Or a gin and tonic.

Look for Unmigrated Users: An extension attribute for Jamf Connect and Jamf Pro. Add this script as an EA. EA will return a list of short names on a machine of users have a local password who are not yet migrated to Jamf Connect Login.

Sample Use: Use EA with a Smart Computer Group. Use the Smart Computer Group to scope a configuration profile that DenyLocal login for any users who haven't migrated yet.

Sample Use: Search for machines that have "rogue" local accounts not controlled by your IdP's controls.

Look for Network Users: Search for mobile account users

Will return either "No Network Accounts" if no accounts exist or a list of the short names of network accounts on a macOS device

Sample Use: Use with smart groups in Jamf Pro to scope for NoMAD or Jamf Connect to demobilize user accounts. For example, if no network accounts exist, remove the DeMobilize mechanism from Jamf Connect Login with an authchanger command. Or, use the presence of no mobile accounts as the trigger to turn on Migrate flag in a Jamf Connect Login configuration profile.

Jamf Helper Utility: Uses the Jamf Helper app to put an alert on the screen for a user.

Sample Use: When deployed with a Jamf Pro policy, use PARAMETER 4 for the title of the window, PARAMETER 5 for a header on top of your important message, PARAMETER 6 for your message including \n newlines, and PARAMETER 7 for the text shown on the continue button.

Last Jamf Connect menu bar agent login within range: Find out if a user has logged into Jamf Connect successfully within a certain time frame in days

Sample Use: Use as an extension attribute in Jamf Pro. If a user hasn't logged in successfully in X days, you can use the EA to create a Smart Computer Group. Remediate the issue however you wish, but some suggestions are to:

  • Add the DenyLocal preference set to TRUE for com.jamf.connect.login - forces network login on next login even if FileVault is enabled
  • Use the Jamf Helper Utility as a script to force sign-in with a message explaining why they are being required to log in

About

Useful extension attributes I've created for Jamf Pro servers

Resources

Readme

License

MIT license
Activity

Stars

19 stars

Watchers

5 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages