Tiny Deathstars of Foulness

September 14th, 2018

Posted In: JAMF

Tags: , , ,

Leave a Comment

September 7th, 2018

Posted In: JAMF

Tags: , , , ,

Leave a Comment

September 5th, 2018

Posted In: JAMF, MacAdmins Podcast

Tags: , , , ,

Leave a Comment

In this article, we’ll cover how to use Zapier to connect data from your Jamf Account to a Google sheet. Once you build a WebHooks receiver in Zapier, you don’t have to use Google as the third party service that your WebHook triggers. You could use any other service that Zapier integrates as well, including Mailchimp, WordPress, Shopify, Todoist, ZenDesk, SurveyMonkey, Freshdesk, Quickbooks, Basecamp, and about 1,200 other solutions. In other words, you can link a WebHook from Jamf Pro into pretty much any automated service that you can think of!

So what’s a WebHook? A WebHook is an HTTP callback, or an HTTP POST that is fired when an event happens. The goal of WebHooks is that they are simple event notifications, typically sending a small amount of json to a destination web server that’s then ; a simple event-notification via HTTP POST. A web application listening for that event will then receive the WebHooks and perform a task in the background. Zapier is a great little tool that connects web apps. For modern software apps, most of this is done via acting as a WebHooks receiver and sending an API call to another tool. 

To follow along with this article, you will need a Zapier account, Jamf account and a Google account. Since we’ll be using Zapier to connect Jamf Pro and Google. 

Google Sheet Setup

  1. Signup/Login to your google account at
  2. Create new spreadsheet.
  3. Add any column names of fields you will want to store on your google sheet about your device—i.e. Date, Group, Name, Mac Address, IP Address, Make, Model, etc. We will use these columns in the Zap to map our data to the correct column.

Zapier Setup

  1. Signup/Login to your Zapier account at
  2. Click “Make a Zap!” button in top right-hand corner.
  3. You will start my setting up the webhook for catching the smart group change.

Catching Smart Group Membership Change Zap

  1. Name your Zap
  2. Add Note (optional) – Optionally it might be good to add some details about what you zap does. You can do this by clicking the link “Add Note” under the name.
  3. Example Note:Catches POST from Smart Group Change Zap and gets the Id of the computer added and/or removed from the group, to get all the computer details and save to Google Sheet.
  4. Setup your trigger step. Choose Webhooks under Built-In Apps.
  5. Select Catch Hook.
  6. Continue pass the “Pick Off a Child Key” as there is nothing specific we need to select off the hook.
  7. Zapier will provide an URL to send requests to. This URL will need to be copied and pasted in your webhook settings in Jamf.
  8. Open up a new window to begin setup of Jamf webhook, leave this zap open as you will return to it.

Jamf Setup of Webhook

  1. After copying the URL from the zap. Open up a new window and login to your Jamf account.
  2. Click the cog in the top right corner and go to your settings.
  3. Under Global Management click on the Webhooks icon.
  4. Click “New” button.
  5. Add a Display Name.
  6. Check “Enabled”.
  7. Paste the URL from the previous zap to the Webhook URL input.
  8. Set Authentication Type to “None”
  9. Fill in your preferred connection and read timeout
  10. Set Content Type to “JSON”
  11. Select the Webhook event from the dropdown – Set to “SmartGroupComputerMembershipChange”
  12. Set up the target smart computer group. You can select a group or apply to all groups.
  13. Save and return to your Zapier window with your previous zap.

Catching Smart Group Membership Change Zap (continued)

  1. After completing setup of Jamf webhook. Click “Ok, I did this” to begin a test and pull in a test sample. Then return to your Jamf window and trigger the webhook. The webhook can be triggered in two ways.
    1. Trigger the webhook by going to Computers – > Search Inventory -> (Select a computer) -> Edit -> Update site to a new site that is in a different computer group and Save
    2. Trigger the webhook by going to Computers -> Smart Computer Groups – > (Select a Group) -> Update site to a new site that is in a different computer group and Save.
  2. If the event is triggered correctly you will see a test result/message like below:

  1. Next setup an action step. Select Code under Built-In Apps.
  2. Select “Run Javascript”
  3. Use the following Input Data Parameters
    1. eventName : Select “Event Name” from Field Options
    2. addedComputers: Select “Event Group Added Device Ids” from Field Options
    3. removedComputers: Select “Event Group Removed Device Ids” from Field Options
  4. In the code section. Copy and paste the following code:

** The highlighted url will be replaced by another url in a later zap.

var added = [];
var removed = [];
if(inputData.addedComputers) {
added = inputData.addedComputers.split(',');
if(inputData.removedComputers) {
removed = inputData.removedComputers.split(',');
var otherZapURL = "";
for(var i = 0; i< added.length; i++) {
var addedBody = JSON.stringify({
computer: added[i],
status: "added",
await fetch(otherZapURL, {method:'POST', body:addedBody});
for(var i = 0; i< removed.length; i++) {
var removedBody = JSON.stringify({
computer: removed[i],
status: "removed",
await fetch(otherZapURL, {method:'POST', body:removedBody});
return [{status: 'ok'}];

  1. This zap is done.

Saving Computer Details to Google Sheet

  1. Start a new zap.
  2. Add Note (optional) – Optionally it might be good to add some details about what you zap does. You can do this by clicking the link “Add Note” under the name.
  3. Example Note:Catches POST from Smart Group Change Zap and gets the Id of the computer added and/or removed from the group, to get all the computer details and save to Google Sheet.
  4. Setup your trigger step. Choose Webhooks under Built-In Apps.
  5. Select Catch Hook.
  6. Continue pass the “Pick Off a Child Key” as there is nothing specific we need to select off the hook.
  7. Zapier will provide an URL to send requests to. This URL will need to be copied and pasted in your previous zap in the code section where the highlighted url was listed.
  8. Setup an action step. Select Webhooks under “Built-In Apps”
  9. Select “GET” action type.
  10. Fill in the following input:
    1. URL : Copy and Paste your with your role)
      1. Select “Computer” from field options
      2. See below as sample:

  1. Query String Params – leave blank
  2. Send As JSON – Select Yes
  3. JSON key – enter “json”
  4. Unflatten – Select Yes
  5. Basic Auth –separate your username and password with a pipe character
  6. Headers – leave blank
  1. Continue to through to Test Step and make sure data was received about the computer.
  2. If successful, continue to add a third action step by clicking the plus icon under you previous step and selection Action.
  3. Search for Google sheets in Search for Apps.
  4. Select Google Sheets and select the action type “Create Spreadsheet Row”.
  5. Connect your Google Account you used to create your Google sheet in the previous steps. See Google Sheets Setup section earlier in this document.
  6. Select Spreadsheet you set up under Spreadsheet input.
  7. Select the worksheet that has your columns names.
  8. After the worksheet is selected, each column will appear as an input option to map fields to. You will need to map each column to the appropriate field by selecting the field from the field options menu to the right of the input.
  9. After you’ve finished the mapping, select Continue to Test the step. If the test was successful, you should see your new record on your google sheet.
  10. Turn both of your zaps on and you are ready to automatically record all your smart group changes!

This was written for a specific use case, but because it’s useful for a number of apps and many of those can be hooked to other apps providing a nearly infinite number of use cases to link Jamf Pro Smart Group changes (one of the most valuable things that Jamf does) to other solutions!


August 17th, 2018

Posted In: JAMF, Mac OS X, Mac OS X Server

Tags: , , , , , ,

Ever wanted to be able to view devices from your Jamf server from within your Freshdesk environment? Well, I just posted a new integration on the Jamf Marketplace just for Freshdesk.

This plugin will display a search bar on the right side of the screen. Enter a serial number to find your devices. If a match is found, you’ll see information on the device (note: this is up on GitHub so you can change what fields you see).

If you don’t find anything that matches a given pattern, you’ll get an error.

April 2nd, 2018

Posted In: JAMF, Product Management

Tags: , ,

Hey look, there’s a new category on the Jamf Marketplace, available at,selecting the AppConfig category. The new AppConfig category gives administrators of any MDM that supports AppConfig access to a set of apps that support AppConfig. If you have an app that isn’t listed here, feel free to let me know. 

What does this mean? Well, AppConfig is a way of sending data into an app. App config allows a customer to deploy settings into applications on iOS devices in much the same way that settings can be sent into a Mac app via the defaults command. This means an end user could get an app installed on their device from the iOS App Store, a custom app, or a B2B app and that app would have any settings the user might need to connect to servers or configure the experience.

So what is Managed App Config? At it’s most basic, you identify a label and a value in XML and send it to an iOS device that’s running iOS 7 or later (e.g. via Jamf 9 and up). The vendor who makes the app has to basically define what those settings are. Which brings up an interesting problem never fully addressed with defaults domains: standardization and ease-of-use (although MCX was close).  is a consortium of MDM vendors and software vendors that maintain the emerging AppConfig standards around Managed App Config (within the confines of what Apple gives vendors) and then makes a feed of settings for apps that conform to those standards. Jamf is a founding member of, along with MobileIron and AirWatch. Examples of what you could put into the feed include 
  • Enabling certain features of apps
  • Server URLs
  • Logos (if they’re pulled dynamically)
  • Text labels
  • Language packs

To see a list of apps that are available, check out 

Managed App Config options are set by vendors at compile time within the code and then the XML sent with the app is parsed by the app at installation time. If you’re a software vendor who wants to get started with AppConfig, check out the Spec Creator from Jamf Research or get in touch with the developer relations team from any MDM vendor.

If you’re a customer of an app and would like to leverage Managed App Config and your vendor isn’t listed on the site, get in touch with them, as this is the future of app management and chances are that you won’t be the only organization looking to unlock this type of feature. 

Let’s look at how this actually works. The Managed App Config options per supported app are available on a feed. The feed is available at Here, as follows, you’ll see a list of all of the apps supported.

You can then copy the path for an app, such as com.adobe.Adobe-Reaser/1/appconfig.xml and append it to the end of the URL to get the feed for that specific app. You can test this using to see output as follows.

Here, note that most of these fields are key value pairs defined by Adobe (in this example at least). You can enable or disable features of Adobe Reader using these keys. The same is true with a tool like Box that might want a more granular collection of settings than a feature like Managed Open In. 

Once you have the XML, you can then copy it to the clipboard and paste it into the App Configuration tab of an app, as follows. 

Finally, Apple has sample code available at

March 13th, 2018

Posted In: iPhone, JAMF

Tags: , , , , , , ,

Been working on a new plugin to embed device details from Jamf Pro into Jira Service Desk. It looks a little like this:

To access the plugin, see the links below.

February 13th, 2018

Posted In: JAMF

Tags: , , , , ,

Here’s a quick extension attribute to check for OSX/MaMi. Basically, I’m just looking for one of the two DNS servers that always gets put into the list. From what I’ve seen they always come in pairs.  Below is a gist.
Oh and thanks Katie for noticing my errant space! 😉

January 23rd, 2018

Posted In: JAMF, Mac OS X

November 19th, 2017

Posted In: JAMF, MacAdmins Podcast

Tags: , , , ,

Jamf is proud to announce zero-day support for macOS High Sierra, iOS 11, and tvOS 11 with the release of Jamf Pro 9.101. In addition to compatibility for all of Apple’s fall operating systems, Jamf Pro 9.101 also includes new features that include the latest payloads, restrictions and MDM commands.

Highlights of what’s new:

macOS High Sierra

  • Zero-touch provisioning of Mac devices with the Apple File System (APFS)
  • Cisco Fast Lane quality of service (QoS) support for apps
  • New security settings and configurations
  • New restrictions, including the ability to defer software updates for up to 90 days

iOS 11

  • An MDM command to upgrade non-DEP supervised devices to iOS 11
  • New restrictions, including AirPrint, manual VPN settings and systems app deletion

tvOS 11

  • Defining Home screen layout on an Apple TV
  • Showing or hiding specific tvOS apps
  • Restricting tvOS media content and ability to modify device name
  • Setting passwords for Apple TV devices to share automatically to specific iPads

Healthcare Listener enhancements and more

In addition to providing pre zero-day support for Apple’s upcoming operating systems, Jamf Pro 9.101 extends the power of the Healthcare Listener to add support for tvOS by making the remote wipe command available for Apple TV devices. Further, Jamf Pro 9.101 includes a new API for Lost Mode, new settings for re-enrollment, and security enhancements for the deployment of in-house iOS apps.

Next steps:

You can download Jamf Pro 9.101 through Jamf Nation in the “My Assets” page. If you’re using a hosted version at, the upgrade will be done automatically. If you regularly schedule your upgrade, please contact your Account Representative to schedule your upgrade. To locate your account representative, see

For more information on this release, download the release notes. If you have any questions about this release or anything else, please do not hesitate to reach out.

Download Jamf Pro 9.101 now

September 12th, 2017

Posted In: JAMF

Next Page »