Forked from MichaelandMore/Set Computer PreStage Scope.bash
Last active
March 24, 2022 20:46
-
-
Save djdavetrouble/55914c82451dd3c7a1eda8118b391218 to your computer and use it in GitHub Desktop.
JAMF Pro API: This script removes a list of machines from one PreStage Enrollment and adds them to another
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #This script removes a list of machines from one PreStage Enrollment and adds them to another | |
| #Checks are applied to see if all machines are able to move between these two PreStages as intended | |
| #This should help keeping track | |
| # | |
| #standing on the shoulders of giants: | |
| #https://community.jamf.com/t5/jamf-pro/creating-an-authorization-token-with-jamf-pro-api-help-would-be/m-p/186172 | |
| #https://developer.jamf.com/jamf-pro/reference/computer-prestages-1#put_v2-computer-prestages-id-scope | |
| #https://gist.github.com/talkingmoose/327427d23b422000f9d17183f8ef1d22 | |
| ###Thank you very much #### | |
| # server connection information | |
| # api account can only move things in prestages | |
| URL="https://jamf.server.com:8443" | |
| username="api_prestage_mover" | |
| password="somesaythispasswordistoolongbutisaymakeitlonger" | |
| # provide the Jamf Pro ID of the PreStage Enrollment; look in the URL when viewing the PreStage Enrollment | |
| # Set in the payload variable instead and make it reusable | |
| sourcePrestageID="$4" | |
| targetPrestageID="$5" | |
| # List of serial numbers to be moved from one PreStage Enrollment to another | |
| # CHANGE THIS TO OBTAIN MACHINE SN | |
| serialNumberList=$(system_profiler SPHardwareDataType | awk '/Serial/ {print $4}') | |
| # this function was sourced from https://stackoverflow.com/a/26809278 and modified | |
| # converts bash array to json array probably not needed for single machine but maybe | |
| function json_array() { | |
| echo '[' | |
| while [ $# -gt 0 ]; do | |
| x=${1//\\/\\\\} | |
| echo \"${x//\"/\\\"}\" | |
| [ $# -gt 1 ] && echo ', ' | |
| shift | |
| done | |
| echo ']' | |
| } | |
| # created base64-encoded credentials | |
| encodedCredentials=$( printf "$username:$password" | /usr/bin/iconv -t ISO-8859-1 | /usr/bin/base64 -i - ) | |
| # generate an auth token | |
| authToken=$( /usr/bin/curl "$URL/api/auth/tokens" \ | |
| --silent \ | |
| --request POST \ | |
| --header "Authorization: Basic $encodedCredentials" ) | |
| # parse authToken for token, omit expiration | |
| token=$( /usr/bin/awk -F \" '{ print $4 }' <<< "$authToken" | /usr/bin/xargs ) | |
| ###1st Part - SOURCE | |
| # get existing json for Source PreStage ID | |
| prestageJson=$( /usr/bin/curl "$URL/api/v2/computer-prestages/$sourcePrestageID/scope" \ | |
| --silent \ | |
| --request GET \ | |
| --header "Authorization: Bearer $token" ) | |
| # parse prestage json for current versionLock number | |
| versionLock=$( /usr/bin/awk '/\"versionLock\" : / { print }' <<< "$prestageJson" ) | |
| #save output to disk if you like | |
| #now=$(echo "$(timestamp)") | |
| #echo $prestageJson >> /Users/m/Documents/json_bck_$now.sh | |
| # format serial number list for json | |
| formattedSerialNumberList=$( json_array "${serialNumberList[@]}" ) | |
| # create json data for submission | |
| jsonData="{ | |
| \"serialNumbers\": $formattedSerialNumberList, | |
| $versionLock | |
| }" | |
| # Remove from PreStage delete-multiple scope (array of strings) for PreStage ID - POST | |
| /usr/bin/curl "$URL/api/v2/computer-prestages/$sourcePrestageID/scope/delete-multiple" \ | |
| --silent \ | |
| --request POST \ | |
| --header "Authorization: Bearer $token" \ | |
| --header "Accept: application/json" \ | |
| --header "Content-Type: application/json" \ | |
| --data "$jsonData" | |
| ###2nd Part - TARGET | |
| # get existing json for Target PreStage ID | |
| prestageJson=$( /usr/bin/curl "$URL/api/v2/computer-prestages/$targetPrestageID/scope" \ | |
| --silent \ | |
| --request GET \ | |
| --header "Authorization: Bearer $token" ) | |
| # parse prestage json for current versionLock number | |
| versionLock=$( /usr/bin/awk '/\"versionLock\" : / { print }' <<< "$prestageJson" ) | |
| # create json data for submission - again because of versionlock | |
| jsonData="{ | |
| \"serialNumbers\": $formattedSerialNumberList, | |
| $versionLock | |
| }" | |
| #save output to disk if you like | |
| #now=$(echo "$(timestamp)") | |
| #echo $prestageJson >> /Users/michael/Documents/json_bck2_$now.sh | |
| echo "Target awaiting machines" | |
| # Add scope (array of strings) for Target PreStage ID - POST | |
| /usr/bin/curl "$URL/api/v2/computer-prestages/$targetPrestageID/scope" \ | |
| --silent \ | |
| --request POST \ | |
| --header "Authorization: Bearer $token" \ | |
| --header "Accept: application/json" \ | |
| --header "Content-Type: application/json" \ | |
| --data "$jsonData" | |
| # expire the auth token | |
| /usr/bin/curl "$URL/api/auth/invalidateToken" \ | |
| --silent \ | |
| --request POST \ | |
| --header "Authorization: Bearer $token" | |
| echo "DONE" | |
| exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment