Providing Jamf Pro computer inventory information via macOS configuration profile
> Jamf Pro, Mac administration, Management Profiles > Providing Jamf Pro computer inventory information via macOS configurationĀ profile
Providing Jamf Pro computer inventory information via macOS configurationĀ profile
Jamf Pro can store and make available a lot of information about a particular computer and who is using it as part of the computerās inventory record, but it can be challenging to access that information from the computer itself.
It is possible to use an API call to access this information, using either the Jamf Pro API or Jamf Proās Classic API, but that means providing a way to authenticate to the API. This may pose some security issues as you will need to both:
- Provide a way for the computer to access those authentication credentials
- Protect the authentication credentials from potentially malicious third parties
Fortunately, there is an alternative way to provide at least some inventory information without needing to make an API call. Jamf Pro provides a number of variables which can be used in macOS configuration profilesĀ and itās possible to leverage those variables to build a profile whose task is providing information from the computerās inventory record in Jamf Pro in a way which can be accessed from the managed computer. For more details, please see below the jump.
The variables which are available to macOS configuration profiles as of Jamf Pro 10.44.0 are listed in the table shown below:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Variable | Inventory Information | |
|---|---|---|
| $MANAGEMENTID | Device management ID assigned by Jamf Pro | |
| $COMPUTERNAME | Computer Name | |
| $SITENAME | Site Name | |
| $SITEID | Site ID | |
| $UDID | Computer UDID | |
| $SERIALNUMBER | Computer Serial Number | |
| $USERNAME | Username associated with the computer in Jamf Pro (computer-level profiles only) Username of the user logging in to the computer (user-level profiles only) |
|
| $FULLNAMEĀ orĀ $REALNAME | Full Name | |
| Email Address | ||
| $PHONE | Phone Number | |
| $POSITION | Position | |
| $DEPARTMENTNAME | Department Name | |
| $DEPARTMENTID | Department ID | |
| $BUILDINGNAME | Building Name | |
| $BUILDINGID | Building ID | |
| $ROOM | Room | |
| $MACADDRESS | MAC Address | |
| $JSSID | Jamf ProĀ ID | |
| $PROFILEJSSID | Jamf ProĀ ID of the Configuration Profile | |
| $EXTENSIONATTRIBUTE_# | Extension Attribute ID Number Note: The ID number is found in the extension attribute URL. In the example URL below,"id=2" indicates the extension attribute ID number: https://JAMF_PRO_URL.jamfcloud.com/computerExtensionAttributes.html?id=2&o=r |
Iāve used them to build a profile which will pull the information associated with the variables below:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When deployed, the profile will pull the relevant information from the computer record in Jamf Pro and store it as part of the profile.
This information in turn can be read from a plist file which should appear in the /Library/Managed Preferences directory on the managed Macs which the profile is being deployed to. In this case, the profile is managing the com.company.information domain, which means that a file named com.company.information.plist should appear in /Library/Preferences.
This information can then be read out of the /Library/Preferences/com.company.information.plistĀ file by either the defaults command or an alternate tool which can parse a plist file for information.
The example profile Iāve written is available below:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| xml version="1.0" encoding="UTF-8"?> | |
| DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">; | |
| <plist version="1"> | |
| <dict> | |
| <key>PayloadUUIDkey> | |
| <string>6D198024-4389-441A-86F2-B2A3FAEA24BEstring> | |
| <key>PayloadTypekey> | |
| <string>Configurationstring> | |
| <key>PayloadOrganizationkey> | |
| <string>Company Namestring> | |
| <key>PayloadIdentifierkey> | |
| <string>6D198024-4389-441A-86F2-B2A3FAEA24BEstring> | |
| <key>PayloadDisplayNamekey> | |
| <string>Computer Informationstring> | |
| <key>PayloadDescriptionkey> | |
| <string/> | |
| <key>PayloadVersionkey> | |
| <integer>1integer> | |
| <key>PayloadEnabledkey> | |
| <true/> | |
| <key>PayloadRemovalDisallowedkey> | |
| <true/> | |
| <key>PayloadScopekey> | |
| <string>Systemstring> | |
| <key>PayloadContentkey> | |
| <array> | |
| <dict> | |
| <key>PayloadDisplayNamekey> | |
| <string>Custom Settingsstring> | |
| <key>PayloadIdentifierkey> | |
| <string>85586FBC-6B08-4451-B6CD-AA09BE2CC0A3string> | |
| <key>PayloadOrganizationkey> | |
| <string>JAMF Softwarestring> | |
| <key>PayloadTypekey> | |
| <string>com.apple.ManagedClient.preferencesstring> | |
| <key>PayloadUUIDkey> | |
| <string>85586FBC-6B08-4451-B6CD-AA09BE2CC0A3string> | |
| <key>PayloadVersionkey> | |
| <integer>1integer> | |
| <key>PayloadContentkey> | |
| <dict> | |
| <key>com.company.informationkey> | |
| <dict> | |
| <key>Forcedkey> | |
| <array> | |
| <dict> | |
| <key>mcx_preference_settingskey> | |
| <dict> | |
| <key>Computer Jamf Pro ID Numberkey> | |
| <string>$JSSIDstring> | |
| <key>Computer Namekey> | |
| <string>$COMPUTERNAMEstring> | |
| <key>Computer Network Connection MAC Addresskey> | |
| <string>$MACADDRESSstring> | |
| <key>Computer Serial Numberkey> | |
| <string>$SERIALNUMBERstring> | |
| <key>Computer UDIDkey> | |
| <string>$UDIDstring> | |
| <key>Computer User's Email Addresskey> | |
| <string>$EMAILstring> | |
| <key>Computer User's Namekey> | |
| <string>$REALNAMEstring> | |
| <key>Computer User's Office Building IDkey> | |
| <string>$BUILDINGIDstring> | |
| <key>Computer User's Office Building Namekey> | |
| <string>$BUILDINGNAMEstring> | |
| <key>Computer User's Office Departmentkey> | |
| <string>$DEPARTMENTNAMEstring> | |
| <key>Computer User's Office Department IDkey> | |
| <string>$DEPARTMENTIDstring> | |
| <key>Computer User's Office Positionkey> | |
| <string>$POSITIONstring> | |
| <key>Computer User's Office Room Locationkey> | |
| <string>$ROOMstring> | |
| <key>Computer User's Phone Numberkey> | |
| <string>$PHONEstring> | |
| <key>Computer User's usernamekey> | |
| <string>$USERNAMEstring> | |
| <key>Sitekey> | |
| <string>$SITENAMEstring> | |
| <key>Site IDkey> | |
| <string>$SITEIDstring> | |
| dict> | |
| dict> | |
| array> | |
| dict> | |
| dict> | |
| dict> | |
| array> | |
| dict> | |
| plist> |
Gloss