Tag : casper

Casper – Clear out user’s broken Keychain

Just realized that there are so many useful scripts from JAMF Nation, here is  a easy one you can deploy to Self Service to fix those annoying Keychain issues with AD…

https://jamfnation.jamfsoftware.com/discussion.html?id=13736

 

If you are lazy to read, here is the script from the author:

#!/bin/bash

current_user=`finger s l | grep Login | cut c 825`

if test e /Users/$current_user/library/keychains/????????-????-????-????-????????????; then

    echo “Local Items keychain found”

    rm rf /Users/$current_user/library/keychains/????????-????-????-????-????????????

else

    echo “No local items keychain found”

    exit 1

fi


Software Approval Process in Casper

There’s no direct software approval process like Application Catalog in SCCM, but we have a workaround for this:

https://jamfnation.jamfsoftware.com/discussion.html?id=10200

https://jamfnation.jamfsoftware.com/featureRequest.html?id=611

1. For easy implementation, I first add a special folder for software inventory path in Casper

“Management Settings” – ” Computer Inventory Collection” -“Software”

2. And then I create a mac packageA, this package will copy a file softwareA.txt to /var/casper/ folder to user’s computer. When a user “request” softwareA, Casper will install this packageA to user’s machine.

3. Now I create a “Smart Computer Groups” , and criteria based on the software named ” softwareA”. Remember to click “Send email notification on membership change” , that is the key to make it work.

4. and now create another “Static Computer Group” to force install softwareA.

5. Once you got the email and go through the approval process, you manually add the computer to the static computer group you just created. and after the install delete the softwareA.txt under /var/casper folder.

 


Casper Notes

Mac enrolled into Casper, but “Self Service” not showing up on the Mac?

Has to enable “Install Automatically” on “Installation” Tab under “Computer Management”-“Self Service”

 

How to create a Casper Printer Package?

If the printer needs a printer driver, then first install a printer driver, and then use Casper Admin to create a printer PPD.

 

How to make a software always showing on Self Service even a user has installed it?

With the policy you created, choose ” Ongoing” Execution frequency.

 

Cool website to download PNG icons

http://www.easyicon.net/

Restrict OSX System Install, such as El Capitan install:

https://jamfnation.jamfsoftware.com/discussion.html?id=17185

Auto Update Mac Apps with Casper

https://github.com/homebysix/auto-update-magic


Casper JSS Setup Notes

Certainly Casper is much more fun comparing to SCCM ! I love it already, so easy to use, and very good tech support.

We use Mac Minis to be the Casper server, and I used Homebrew to install MySQL( at first I used the standalone installer, but found it hard to manage)

 

1. Required Software(from QuickStart Guide):

  • JSS
  • Java JDK 1.7/1.8
  • Jave Cryptography Extension 1.7/1.8
  • MySQL

 

Install Homebrew:

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Install MySQL:
brew install mysql
Start MySQL:
mysql.server restart

Secure MySQL on Mac:

mysql_secure_installation

A very cool GUI MySQL client:

http://www.sequelpro.com/

Setup JSS database & username for Casper:

mysql -r -p

CREATE DATABASE jamfsoftware;

GRANT ALL ON jamfsoftware.* TO ‘username_you_want’@localhost IDENTIFIED BY ‘password_here’;

 

Some basic MySQL commands:

SHOW DATABASES;

DROP DATABASE database_name;

SHOW TABLES;

DESCRIBE table_name;

2. Required ports opened:
Source IP(s): mac computer

Destination IP(s):17.0.0.0/8

Destination Port(s):5223

Source IP(s):JSS Servers

Destination IP(s): there’s no specific destination IP, it’s going to JAMF cloud servers.

Destination Port(s):443

Source IP(s): mac computer

Destination IP(s):JSS Servers

Destination Port(s):8443

Source IP(s):JSS Servers

Destination IP(s):17.0.0.0/8

Destination Port(s): 2195

Source IP(s):JSS Servers

Destination IP(s):17.0.0.0/8

Destination Port(s):2196

Source IP(s):JSS Servers

Destination IP(s):JSS Servers

Destination Port(s):3306

Source IP(s):JSS Servers

Destination IP(s): AD Server

Destination Port(s):636