JAMF Pro Scripts
My goal for this repo is to provide a consistent user interface for all of my user base and also trying to provide necessary utilities for the users so they do not need local admin rights. Some of there are used in my automation scripts on my server as well. All of these script take advantage of Bart Reardon's excellent SwiftDialog app. Below is a simplified overview of each script:
Several of my scripts are used for various purposes in my daily workflow. I will have each script marked with what it is used for next to their names. Right now, this is broken down into these areas:
[Automation] - I have reoccurring tasks setup on my server on a weekly/monthly basis
[Back-End] - This are scripts that are used on my server, not necessarily run by the user, but serve as notifications primarily during script execution.
[Elevated] - This scripts are replacements for commands that would normally required admin rights. Useful if you want to remove admin rights from users.
[First Aid] - General end users scripts that they can run own their own to help with common computer issues.
[HelpDesk] - Scripts that can be used by your IT support staff to help end users
[Managed] - I put these in Self Service and have the users run under supervision. Makes admin duties easier. Scope only as necessary to end-users
[Server] - Admin level - needs access to the server
[Automation] [First Aid]
If you have multiple version of Adobe apps on your systems, this will scan your system for ALL versions of all Adobe apps and show you what is installed.
[HelpDesk] [First Aid]
In our environment we have multi-user Macs and sometimes we need to transfer licenses from person to person.
[Elevated]
Allows users to delete items from a custom list of applications directories. This will only delete the .app file and not the supporting files that go along with it.
Shows you a list of applications are their architecture (Intel or Apple Silicon).
[Automation] [First Aid]
Shows battery usage statistics and can warn you if you battery is in critical condition.
[HelpDesk]
This will force a regen & escrow of the local FileVault key...it will not be stored in your MDM until you do an inventory.
[First Aid]
Allows you to do a "one-click" clear browsers caches from all installed browsers.
[Automation] - Silent Mode [First Aid]
Remove expired certificates from your keychain. Can be configured for specific Cert types.
[Elevated] [First Aid]
Allows the end-user to delete printers from their system..local admin not required.
[Automation] [First Aid]
Verify presence of Microsoft WPJ (Workplace Join Key) in the user's Keychain.
Simple script allowing you to create custom icons (and overlay icons). Multiple icon options are available (.app, SF Icons, built-in).
[Back-End]
Will display a GUI screen during JAMF recon commands so that the user can see some progress.
[Back-End]
Powerful Multilingual notification window with several customizable options.
[Back-End]
Show a progress bar when deploying lengthy installs (such as Xcode or office), to give user feedback on progress.
[First Aid]
Quick scan to show the top 50 larges files (or directories).
[First Aid]
Show the status of a users EntraID registration.
[Managed]
Allows you to assign a bootstrap token to another user. A bootstrap token is a secure credential that allows an MDM to automatically grant Secure Tokens to users, enabling them to unlock FileVault and authorize system updates without manual admin intervention.
[First Aid]
Scan specified directories and makes sure that the current logged in user is the owner (useful for makes sure all files in their $HOME directory has correct permissions)
[First Aid]
Notification and process to migrate user into Apple's SSO Platform.
Retrieve the BundleID and TeamID for apps installed on your system. Useful for assigned managed login items.
[Managed]
Assign a SecureToken to curent user: A SecureToken is a cryptographic attribute assigned to a user account that allows it to unlock FileVault-encrypted disks and authorize sensitive system operations like software updates. While the Bootstrap Token is an MDM tool to automate management, the SecureToken is the actual permission a local user needs to interact with the Mac's encrypted storage.
[Managed]
Shows you the results of Crowdsrike process (if installed).
[Server]
Creates a VCF file of contact emails from JAMF inventory records (Useful if you need to do a mass mailing to all managed systems).
[Server]
Make a backup copy of your JAMF System Scripts.
[Server]
Make a backup copy of your JAMF Self Service icons.
[HelpDesk]
When a local system stops communicating with JAMF, you can "force" a redeployment of the JAMF binary, it will renew the enrollment.
[HelpDesk]
Sometimes failed MDM commands will prevent other commands from being delivered. This will clear the failed MDM commands on a single system.
[Server]
Allows you to search thru all of your JAMF Config Profiles for a particular phrase or keyword. Handy to detemrine if you have multiple configurations for the same thing.
Search thru all managed systems for JAMF Blueprint (DDM) installations, successes and failures. Export options available.
[HelpDesk]
Set, View, or Clear the recovery key on a particular system.
[HelpDesk]
View, Add or Delete JAMF static group members - IT Support staff cane move users into Static groups
[Server]
Several utilities on one script to perform backups, clear failed MDM commands, Compare Profiles, get application usage & find multiple user assigned systems. Lots of configuration options.
[Automation] [First Aid]
Presents the end user with a warning if available disk spaces exceeds threshold, reminding them to clear up their Hard Drive.
[Managed]
Basically performs a "rename" on a local users account, but this performs a create user, migrate data and backup process (much safer than a rename).
[Elevated] [First Aid]
Think of this as the Apple Migration Wizard, but doesn't require admin rights to operate. Very useful for migrating files between computers.
[First Aid] [First Aid]
This can be used to connect to network drives when the user is either on-prem or connected over VPN.
[Elevated] [First Aid]
Use this to migrate a users Desktop & Documents folder to a shared location and create a link to the newly migrated files. Useful for multi-user Macs where all data can be shared.
This will erase all evidence of Adobe apps from the system. Useful for when Adobe starts misbehaving and the normal uninstall doesn't work.
[Automation] [First Aid]
Presents the user with a notification of when their password is about to expire (less than two weeks) or a notification reminder when less than 7 days
[Automation] [Back-End]
Notification system to assist the end user on how to enable Privacy settings.
Displays information about pending DDM software updates installed on your system.
[Elevated] [First Aid]
Will display all of the Adobe apps on a system and allow the user to choose what can be removed (you can run this in interactive mode or silent mode).
[Elevated] [First Aid]
Sometimes items in the keychain can get corrupted. This will make a backup copy and create a new blank keychain
[Automation]
This will attempt to restart the zScaler tunnel if it is not active and/or perform a restart if necessary.
[HelpDesk]
Retrieves & Displays the FileVault recovery key from JAMF so you can give it to the end user
[First Aid]
Ability to assign defaults apps to be opened when documents are opened. Can set mailto: http: ftp: and others.
[First Aid]
Quick speed test of a users internet connection.
Search thru any given directory of scripts / text files for a particular key / string.
[Automation] [First Aid]
Displays the numbers of days since a system has been restarted with an option to restart
[HelpDesk] - JAMF Inventory [First Aid]
Displays a quick "snapshot" inventory of various items of a system (either local or JAMF inventory)
[First Aid]
Highly customizable log viewer, so users can send in emails of log files
[First Aid]
Shows the users a "carousel" of pictures and allows them to set their background to the chosen picture
[First Aid]
Displays all of the IPv4 addresses found on a system (including Cisco VPN)
[First Aid]
Make sure all of your macOS files are windows "safe"...useful for upload to OneDrive, DropBox, etc
If you find value in my scripts, please consider buying me a coffee to let me know that you find my scripts useful and to help me keep innovating!
