Skip to content

Instantly share code, notes, and snippets.

@smashism
Last active June 3, 2024 15:44
Show Gist options
  • Save smashism/fabfdc4910ff8a8c37594134259da7e4 to your computer and use it in GitHub Desktop.
Save smashism/fabfdc4910ff8a8c37594134259da7e4 to your computer and use it in GitHub Desktop.
Programmatically unmanage computers via Jamf Pro API using bearer-auth token authentication.
#!/bin/bash
##########
# title: unmanage-computers-modern-auth.sh
# author: dr. k | @smashism on github
# date: 2024-03-28
# note: include jssIDs where specified, other server/cred details will
# prompt when run via terminal.app
# disclaimer: provided as-is with no warranty (express or implied). please test!
#
##########
deviceIDs=(
# put jssIDs here for computers to remove
# ex. 12345678
)
# established server and credential information
read -p "Enter Jamf Pro server (e.g., https://server.jamfcloud.com): " jamfProURL
read -p "Enter Jamf Pro username: " jssUser
read -s -p "Enter password for $jssUser: " jssPassword
# request auth token
authToken=$( /usr/bin/curl \
--request POST \
--silent \
--url "$jamfProURL/api/v1/auth/token" \
--user "$jssUser":"$jssPassword" )
# parse auth token
token=$( /usr/bin/plutil \
-extract token raw - <<< "$authToken" )
tokenExpiration=$( /usr/bin/plutil \
-extract expires raw - <<< "$authToken" )
localTokenExpirationEpoch=$( TZ=GMT /bin/date -j \
-f "%Y-%m-%dT%T" "$tokenExpiration" \
+"%s" 2> /dev/null )
echo "Token information: "
echo Token: "$token"
echo Expiration: "$tokenExpiration"
echo Expiration epoch: "$localTokenExpirationEpoch"
# cleanup, cleanup, come on it's cleanup time
echo "Running cleanup.."
for id in "${deviceIDs[@]}"; do
/usr/bin/curl -H "Authorization: Bearer $token" -X PUT -H "content-type: text/xml" "$jamfProURL""/JSSResource/computers/id/{$id}" -d "<computer><general><remote_management><managed>false</managed></remote_management></general></computer>"
done
sleep 10
# expire auth token
Echo "Expiring token $token..."
/usr/bin/curl \
--header "Authorization: Bearer $token" \
--request POST \
--silent \
--url "$jamfProURL/api/v1/auth/invalidate-token"
echo "All done! See you next month."
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment