Jamf-Concepts
FR - An ability to verify application install status and report failures at the end
An ability similar Setup your Mac that can locally validate scenarios like application exists or various settings are configured and where things failed validation a report page at the end summarising the state.
note that you can currently achieve this with custom policy/script that works on the finishedTrigger or finishedScript but I understand the request for having this within the Setup Manager UI.
could you specify "various settings are configured"? what kind of "various settings" are you specifically interested in?
We have these as checks on the OS to ensure they're applied and on
FileVault enabled/On Firewall enabled/On Rosetta installed although thats getting deprecated so meh
SYM has local abilities to run scripts to validate on status, so those settings maybe something that JSM can already do perhaps?
FileVault is something Setup Manager cannot do, because FileVault doesn't properly enable until (right after) user creation.
This is where custom verification scripts/policies have to do the reporting.
Also, FileVault (as well as SIP and other security settings) is something that should be continually monitored (extension attributes, Jamf Protect, etc.) anyway
Yes those things should be continually checked in MDM, it’s still useful IMO to show those items are configured and/or enabled for the user.
FV2 could be shown as configured but deferred or I’d imagine most orgs have enabled at ADE
I would love this too:
It would be great if it will deliver an Overview of all Steps (Sucessfull/Failed) at the end and a possibility to start over. Additional it would be great if it will check if an application is already installed and skip them.
Additional it would be great if it will check if an application is already installed and skip them.
Installomator and Jamf App Installers already do this. you can add this to a policy by scoping to a smart group that check for the app being installed or out of date.
+1 on the Sucessfull/Failed check at the end and a possibility to start over. We have users in asia with not so reliable home internet and a retry would be much easier than have to erase and restart from scratch.
Most of our fails are due to network, so this is how we check for network connectivity right now, it would be nice to have something similar built in:
#!/bin/bash
# Max Wait Count for network checks
max_wait_count=5
# Network Check function
wait_for_network() {
echo "Checking for network..."
# check for network connection
nc=1
while [[ $(ifconfig -a inet 2>/dev/null | sed -n -e '/127.0.0.1/d' -e '/0.0.0.0/d' -e '/inet/p' | wc -l) -lt 1 ]] ; do
if [[ ${nc} -gt ${max_wait_count} ]] ; then
echo "Network connection not available after ${max_wait_count} attempts"
exit 1
fi
echo "Waiting for network connection... attempt $nc"
sleep 3
(( nc++ ))
done
# check for internet connection
ic=1
while ! curl --silent http://captive.apple.com/hotspot-detect.html 2>/dev/null | grep -q Success; do
if [[ ${ic} -gt ${max_wait_count} ]]; then
echo "Internet connection not available after ${max_wait_count} attempts"
exit 1
fi
echo "Waiting for internet connection... attempt $ic"
sleep 3
(( ic++ ))
done
echo "Network is connected"
}