Archive

Archive for the ‘Scripting’ Category

Backing up the contents of an AWS-hosted Jamf Pro cloud distribution point to a local directory

February 15, 2018 Leave a comment

As part of removing unused packages from a Jamf Pro cloud distribution point using @shea_craig‘s Spruce tool, I needed to first make a backup of the contents of the cloud distribution point to a local directory on my Mac. That way, in case I had made an error and deleted the wrong installer package, I had a copy of the package readily available and could re-add the package back to my Jamf Pro server.

The cloud distribution point in question is hosted out in Amazon Web Services’ (AWS) S3 service, so I decided to use AWS’s awscli command line tool‘s S3 functions to run a one-way synchronization process between the cloud distribution point in S3 and my local directory. For more details, please see below the jump.

Read more…

Oracle Java 9 JDK and JRE installation scripts for macOS

January 18, 2018 Leave a comment

Oracle has started to release Java 9 for macOS, so I’m posting a couple of scripts to download and install the following:

Oracle Java 9 JRE
Oracle Java 9 JDK

Oracle has been releasing two separate versions of Java 8 simultaneously and may do the same for Java 9, so these Java 9-focused scripts are designed to allow the user to set which version they want to install: the CPU release or the PSU release.

The difference between CPU and PSU releases is as follows:

  • Critical Patch Update (CPU): contains both fixes to security vulnerabilities and critical bug fixes.
  • Patch Set Update (PSU): contains all the fixes in the corresponding CPU, plus additional fixes to non-critical problems.

For more details on the differences between CPU and PSU updates, please see the link below:

http://www.oracle.com/technetwork/java/javase/cpu-psu-explained-2331472.html

For more information, please see below the jump.

Read more…

Setting your Mac to receive macOS beta updates using seedutil

January 6, 2018 Leave a comment

As part of a discussion of how to build test VMs, a colleague mentioned how they were using the seedutil tool to help configure Macs to access Apple’s beta updates. I hadn’t run across this tool before, so I decided to do some research and see if I could make it work for my own testing needs. For more details, see below the jump.

Read more…

Identifying the Jamf Pro server set in CasperCheck using an Extension Attribute

July 30, 2017 Leave a comment

As part of my Jamf Pro testing process, I will often set up a VM using a production setup workflow then enroll that newly-setup VM into my test Jamf Pro server. However, as part of my production workflow setup, I will usually install my CasperCheck self-repair solution in order to make sure the machine stays enrolled with my Jamf Pro server.

Unfortunately, this can lead to the following chain of events:

  1. Test VM is enrolled in the test Jamf Pro server
  2. CasperCheck runs on its pre-set schedule and detects that it is not enrolled with the Jamf Pro server specified in the script.
  3. CasperCheck runs its repair functions and enrolls the test VM in the production server.
  4. I wonder why my test VM isn’t talking to the test Jamf Pro server.
  5. I check the CasperCheck log, grumble when I notice that CasperCheck has done its job, and then install the test server’s CasperCheck script on the test VM.
  6. Reboot the test VM to trigger the test server’s CasperCheck script to enroll the test VM into the test server again.

This situation happened infrequently enough in the past that I usually just dealt with it on an individual basis, but I finally decided to fix it by writing a Jamf Pro Extension Attribute to help me identify which Jamf Pro server was specified in the installed copy of CasperCheck . For more details, see below the jump.

Read more…

Deploying a pre-configured F5 Big-IP VPN client

July 27, 2017 1 comment

As part of a discussion with a colleague, he said that he needed to build an installer for his shop’s F5 Network’s VPN service but wasn’t sure how. I hadn’t built one of these previously either, so I decided to look into it.

Fortunately, F5 Networks has made the process of creating one a fairly straightforward process, assuming that your VPN administrator can provide the needed config_tmp.f5c configuration file. Assuming that you can get that file, all that’s needed is making sure that the config_tmp.f5c file is located in the same directory as the VPN client installer.

Screen Shot 2017 07 26 at 8 27 48 PM

The reason for this is that the postinstall scripts of the F5 VPN client installer are set to look for that file in that location, and will automatically import the configuration file’s contents if the file is found.

Screen Shot 2017 07 26 at 8 16 13 PM

Once I had both the config_tmp.f5c config file and a copy of the F5 VPN client installer, I was able to create an installer using this method that handled both the installation and the automated configuration of the F5 VPN client. For more details, see below the jump.

Read more…

Generating printer configurations using payload-free_package_printer_generator.sh

July 18, 2017 1 comment

As part of a recent discussion, a colleague posted in the MacAdmins Slack that they needed to deploy printers as part of a DeployStudio workflow. DeployStudio doesn’t natively include this functionality, so that meant developing a way to deploy the desired printers to the appropriate Macs via one of the following methods:

As part of the conversation, I pointed to Nick McSpadden‘s PrinterGenerator tool:

https://github.com/nmcspadden/PrinterGenerator

Nick’s tool is designed to create printer configurations for deployment via Munki. However, my colleague wasn’t using Munki in this case and didn’t plan to deploy it. So even though there was a tool that could have solved the problem, adapting it to work for my DeployStudio-using colleague’s needs was going to take some time and effort.

The discussion got me started thinking about the problem of printer deployments and ways to solve it that could work for the vast majority of deployment solutions. After some research and testing, I’ve developed a solution that may work for most deployment needs. For more details, see below the jump.

Read more…

Automating the enablement of object versioning on AWS S3 buckets

June 30, 2017 Leave a comment

As part of some work I’ve been doing with Amazon Web Services, I needed to enable object versioning on all S3 buckets in an account.

Screen Shot 2017 06 30 at 1 28 38 PM

However, I had three issues that I needed to accommodate for:

  1. There were a sufficient number of S3 buckets that enabling versioning via the S3 web console would be inconvenient.
  2. Some of the S3 buckets in the list already had object versioning enabled, while others in the list did not.
  3. I had forgotten which ones already had versioning enabled, so I’d have to check each one.

To address all three issues, I’ve written a script that uses the aws command line tool┬áto detect which S3 buckets do not have object versioning enabled and enable it on the detected S3 buckets. For more details, see below the jump.

Read more…

%d bloggers like this: