Last active
July 18, 2024 13:00
-
-
Save talkingmoose/327427d23b422000f9d17183f8ef1d22 to your computer and use it in GitHub Desktop.
As of Jamf Pro 10.14, the Jamf Pro API (/uapi) allows access to create and update scopes for computer PreStage Enrollments. Edit the information at the top and include a list of computer serial numbers for the COMPLETE scope. (The script replaces the scope list; it doesn't update.) Be sure to leave the opening and closing parentheses.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# server connection information | |
URL="https://talkingmoose.jamfcloud.com" | |
username="API-Editor" | |
password="P@55w0rd" | |
# provide the Jamf Pro ID of the PreStage Enrollment; look in the URL when viewing the PreStage Enrollment | |
prestageID="1" | |
# scope the following serial numbers to the PreStage Enrollment | |
serialNumberList=(C02QR0D0GFWM | |
C02X82E1LHD3 | |
C02QHRD0GFWM | |
C02X8F1CLHD3) | |
# this function was sourced from https://stackoverflow.com/a/26809278 | |
function json_array() { | |
echo -n '[' | |
while [ $# -gt 0 ]; do | |
x=${1//\\/\\\\} | |
echo -n \"${x//\"/\\\"}\" | |
[ $# -gt 1 ] && echo -n ', ' | |
shift | |
done | |
echo ']' | |
} | |
# created base64-encoded credentials | |
encodedCredentials=$( printf "$username:$password" | /usr/bin/iconv -t ISO-8859-1 | /usr/bin/base64 -i - ) | |
# generate an auth token | |
authToken=$( /usr/bin/curl "$URL/uapi/auth/tokens" \ | |
--silent \ | |
--request POST \ | |
--header "Authorization: Basic $encodedCredentials" ) | |
# parse authToken for token, omit expiration | |
token=$( /usr/bin/awk -F \" '{ print $4 }' <<< "$authToken" | /usr/bin/xargs ) | |
# get existing json for PreStage ID | |
prestageJson=$( /usr/bin/curl "$URL/uapi/v1/computer-prestages/$prestageID/scope" \ | |
--silent \ | |
--request GET \ | |
--header "Authorization: Bearer $token" ) | |
# parse prestage json for current versionLock number | |
versionLock=$( /usr/bin/awk '/\"versionLock\" : / { print $3 }' <<< "$prestageJson" ) | |
# format serial number list for json | |
formattedSerialNumberList=$( json_array "${serialNumberList[@]}" ) | |
# create json data for submission | |
jsonData="{ | |
\"serialNumbers\": $formattedSerialNumberList, | |
\"versionLock\": $versionLock | |
}" | |
# submit new scope for PreStage ID | |
/usr/bin/curl "$URL/uapi/v1/computer-prestages/$prestageID/scope" \ | |
--silent \ | |
--request PUT \ | |
--header "Authorization: Bearer $token" \ | |
--header "Accept: application/json" \ | |
--header "Content-Type: application/json" \ | |
--data "$jsonData" | |
# expire the auth token | |
/usr/bin/curl "$URL/uapi/auth/invalidateToken" \ | |
--silent \ | |
--request POST \ | |
--header "Authorization: Bearer $token" | |
exit 0 |
Thank you so much for your great code! Forked it to make machines move from one prestige enrolment to another.
Thank you so much for your great code! Forked it to make machines move from one prestige enrolment to another.
And I forked yours to make it run from self service and move the current machine into a new prestage, values populated by script payload variables. Thanks my guy!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Good call, Andrew. Jamf has a history of changing things like
v1
tov2
in their Jamf Pro API. Likely, the developers' reasons are "it's still beta" and likely they could change again.