Skip to content

JNUC2019 Lab Session K Scripts

Jump to bottom Edit New page
Chris Lasell edited this page Oct 30, 2019 · 8 revisions

Hands On, Real-time Classic API Using ruby-jss

(Home)

Lab Session Contents -10 - Scripts

Previous           TOC           Next

  • If there's not time for this, we won't do it now
    • Just take a quick look at it
    • Check back here on your own and try it later

Writing a script to use over and over

  • Its great to have a live, interactive shell to do things in your JSS in real-time

  • Now lets save some ruby into a script we can run whenever we need

  • In our JSS we have:

    • A user extension aattribute that marks some users as VIPs
    • A smart user group of those users
      • Our company is volatile, people go in and out of this group a lot

  • We want:

    • A Computer Group of computers assigned to those VIPs
    • A Mobile Device group of devices assigned to those VIPs

  • In the Jamf UI, you can't create computer or device smart groups based on a user extension attribute

  • Here's a script to automatically maintain our static Computer and Device groups

  • To make this work here in the lab, we'll each have to create our own computer and device groups

  • The user group and user EA already exists

  • Think up a couple of unique names for your two groups and create them now:

# CHANGE THE NAME IN THE QUOTES TO SOMETHING UNIQUE
JSS::ComputerGroup.make(name: 'ChrissVIP-Computers', type: :static).save ;0
# => 0

# CHANGE THE NAME IN THE QUOTES TO SOMETHING UNIQUE
JSS::MobileDeviceGroup.make(name: 'ChrissVIP-Devices', type: :static).save ;0
# => 0

  • Notice that we're using make and save on one line

  • Doing so requires parentheses around the parameters for make

    • otherwise ruby wouldn't understand the whole line.

  • Open a new terminal window

    • We'll use it to run our script
    • Leave your irb terminal open

  • Open up a text editor and paste in the script below

    • If you want to use vi or emacs, use the new terminal window

  • In the script change the COMPUTER_GROUP and DEVICE_GROUP values to the names of the groups you just created.

    • Make sure to stay inside the quotes
#!/usr/bin/ruby
require 'ruby-jss'

# CHANGE THE NAMES IN THE QUOTES TO SOMETHING UNIQUE
COMPUTER_GROUP = 'YOUR GROUP NAME HERE'
DEVICE_GROUP = 'YOUR GROUP NAME HERE'

# Connect to the Classic API
JSS.api.connect server: 'tryitout.jamfcloud.com', user: 'jnuc2019', pw: :prompt

# Fetch the Smart User Group
# It's based on User Ext Attrib 'vip' containing 'yes'
user_group = JSS::UserGroup.fetch name: 'VIPs'

# Fetch the Static Groups
comp_group = JSS::ComputerGroup.fetch name: COMPUTER_GROUP
dev_group = JSS::MobileDeviceGroup.fetch name: DEVICE_GROUP

# Clear out the group memberships in the static groups
comp_group.clear
dev_group.clear

# Loop thru the user ids in the user group
user_group.member_ids.each do |user_id|

  # Fetch the user object
  user = JSS::User.fetch id: user_id

  puts "--- Processing user: #{user.name}"

  # Loop thru the user's computers, adding each to the computer group
  user.computers.each do |comp|
    comp_group.add_member comp[:id]
    puts "  ..Added Computer '#{comp[:name]}''"
  end # user.computers.each

  # Loop thru the user's devices, adding each to the device group
  user.mobile_devices.each do |dev|
    dev_group.add_member dev[:id]
    puts "  ..Added Device '#{dev[:name]}'"
  end # user.mobile_devices

end # user_group.member_ids.each

puts '--- Done with users'

# add_member doesn't save immediately like change_membership
# so we need to save the group changes
comp_group.save
puts '--- Saved Computer Group'

dev_group.save
puts '--- Saved Mobile Device Group'

# Finito
puts 'All Done!'

  • Save the script somewhere on your computer

  • Make the file executable

    • In the new terminal, type chmod 755 /path/to/script

  • Before we run the script, take a moment to read through it

    • The comments explain what it's doing

  • Go ahead and run it in the new terminal: /path/to/script

  • You'll be prompted for the password for the API connection, use anything

  • When it's finished, lets check in irb to see if the groups now have members

pp JSS::ComputerGroup.fetch(name: 'ChrissVIP-Computers').member_names ;0
# [Array of names]
# => 0

pp JSS::MobileDeviceGroup.fetch(name: 'ChrissVIP-Devices').member_names ;0
# [Array of names]
# => 0

  • Tada! A useful re-runable tool, in 27 lines of easily readable code.

  • In the real world, this script would be more robust and refined, for example:

    • Catching errors and reporting them properly
    • Adding and removing the members as needed, not clearing and re-adding them every time
    • If automated, output would go to a log file

Previous           TOC           Next

Add a custom footer

ruby-jss Wiki Home

Clone this wiki locally