ePO App: Collect Info from OSX (Mac) and Populate Cust Props

Version 2

    This script was designed to pull in additional information about your OSX system into ePO environment. Many additional use-cases can be scripted and added, however this example should provide a foundation to (hopefully) get you started with getting OSX machine information into ePO.

     

    This sample script will gather the following information:

    • Iterate user account information (User email, real name, and account name), this is handy as the OSX Agent username limitation of ‘root’
    • Casper suite version (popular management platform for the OSX and iOS platform, think SCCM for OSX)
    • Java version
    • Machine serial and model number

     

    As mentioned above, the script can be easily tweaked to collect additional information. You can even go as far as pulling in arguments (a command in this case) being passed in from the ePO console, running it, and putting results into one of the fields to create a universal package for multiple uses.

     

    Script was tested on 10.6 and 10.7 OSX releases. If you plan on running the script as a test outside of ePO, make sure you add chmod +xfirst, then run as sudo.

     

    Few things to note, agent –P (Collect and Send properties) option was added in Agent 4.6, so you must be running that version in order to use it. If you are still on 4.5, this script will still work, however you will not be able to force push properties after the script executes. This will not work with 4.0 and below agents.

     

    Since different individuals will want to collect various pieces of information varying on their environment, I will not post the actual package, however, here are quick instructions on how to make the package using the EEDK tool. Unfortunately, the package needs to be created on a Windows system, would be nice to do it on other platforms *cough* compile with mono *cough*. Get tool/directions from: https://community.mcafee.com/docs/DOC-3401

     

    The package needs to be made with following settings:

     

    maceedk.png

     

    Once the package is built, and code signed if need be, it can be checked into ePO and pushed down just like any other package.

     

    Once executed, details can be seen under system information:

     

    new.png

     

     

    Please note, this post is for information use only, as all other articles in this community, no official support will be provided. Feedback is welcome..

    Vladimir

     

     

    #!/bin/bash

    # Written by Vladimir Skoryk 3/26/12 hire.vladimir@gmail.com

    # Script will collect awesomeness from the Mac and send it up to epo

    # When running script outside of epo push, must run as sudo

    #

    # Revision notes

    # 1.0 3/26/12 - initial

    # 1.1 3/27/12 - added Casper suite check

    # 1.2 4/5/12 - added Java version check

    # 1.3 5/7/12 - added hardware serial number check (idea by George Y. aka djjava9), and model#

    #

     

    #get users on the machine

    getUsersDetails=

    count=1

    for i in `dscl . list /Users | egrep -v '_|nobody|root|daemon'` ; #remove root, if root account was enabled; by default OSX ships with root account disabled

    do

              getUsersDetails="${getUsersDetails}User$count="$(dscl . read /Users/${i} RealName RecordName EMailAddress |awk -v ORS=' ' '{print}')

              let count++    

    done

    echo "$getUsersDetails"

     

     

    #see if machine is managed by Casper suite

    getCasper=$(jamf version | cut -b 9-18)

    if [ -z $getCasper ]; then

              getCasper="not found"

    fi

    echo "Casper Suite: $getCasper"

     

     

    #get java information

    getJava=$(java -version 2>&1 | tail -n 2 | head -n 1 | awk '{print $6}' | cut -b 1-24)

    if [ -z $getJava ]; then

              getJava="not found"

    fi

    echo "Java: ${getJava}"

     

     

    #get the serial number

    serial=$(system_profiler SPHardwareDataType | grep "Serial" | awk '{print $4}')

    echo "Serial#: $serial"

     

     

    #get model#

    model=$(system_profiler SPHardwareDataType | grep "Identifier" | awk '{print $3}')

    echo "Model#: $model"

     

     

    ##############################################

    #write collected information to CustomProps.xml

    /Library/McAfee/cma/bin/msaconfig -CustomProps1 "$getUsersDetails" -CustomProps2 "Casper Suite: $getCasper" -CustomProps3 "Java: $getJava" -CustomProps4 "Serial#: $serial, Model#: $model"

     

    #send up the collected info to epo

    /Library/McAfee/cma/bin/cmdagent -P