Education and technology met on the JAMF Nation User Conference (JNUC) stage as Brad Schmidt examined how the Casper Suite's REST API can benefit education organizations. In his 15 years of IT experience in K-12 environments, Schmidt prides himself on automating mundane tasks to save time and get consistent results, whether through traditional means or scripting.
In this highly entertaining session, he explored real-world examples from importing asset tags to combating VShare. His overarching theme filled the packed audience in on ways to make their days easier in a candid, easy to digest manner.
Schmidt discovered how important it was to automate mundane tasks during his early exploration with the API. “If it takes an hour to complete a manual project, your hour of time is better spent automating it,” explained Schmidt. He elaborated by sharing a clip of R2-D2 communicating with a star ship to illustrate how the API is much safer and easier than digging through the database in MySQL. The clip was met with roaring applause.
There are four commands you can use with the API:
CRUD uses HTTP to make the connection. There are multiple methods of using the HTTP protocol, including Python, Bash/Shell, and Ruby.
By default the JSS will output XML, but he assured the audience of the importance of choosing the method that is right for them. The API is flexible enough to give users the personal language preference to get the return they need. He elaborated on this this point by sharing real-life scenarios on how he has used the API.
Scenario #1: How to get all asset tags in the JSS
Schmidt has a CSV file of all the asset tags from his vendors. He runs a script to import them into the JSS, taking record by serial number in the CSB.
Scenario #2: How to wipe a multitude of devices
He explained many options for accomplishing this, including enlisting technology staff and students to manually wipe the devices. The actual solution involves a barcode scanner and a bash script, which presents a GUI input asking for the asset tag. The scanner enters the asset tag and the script uses the GET command to look up the serial number, then a PUT command to trigger the wipe command. The obvious benefit of this approach is the devices are wiped on your terms.
Scenario #3: How to process locked iPads
Imagine a student has downloaded a restricted application that locks them into Notes until the application is removed. How do you fix it? Schmidt recommended writing an “app” using Python and TKinter using the JSS match function.
Scenario #4: How to uninstall vShare
In this example, a student has downloaded an application-pirating client named vShare, posing numerous security concerns. Schmidt recommends preventing vShare by following the steps outlined below:
- Leverage advanced search in the JSS to find all devices with vShare
- The script uses API GET to fill the script with a list of devices
- The script uses API PUT to send the wipe command and trigger an email
- The command changes the inventory record for the device, removing it from the smart group that triggers the script
Scenario #5: How to use the API to get to know the JSS
In order to identify the impact of a bug in the JSS, Schmidt used Curl to download all policies (more than 500), then used Bash to filter out policies with the particular bug he was seeing. The script returned a list of policies, their URL, the command and the policy name. He also used this same methodology to determine which packages needed to be used for an imaging configuration.
Scenario #6: How to automate JSS reports
Schmidt grew tired of pulling manually pulling reports and sending them by email. To improve efficiency for all people involved, he knew he needed to automate the JSS reports to key people in his organization. To do so, he used the Google Sheets API to write a Python script to export an advanced JSS search into a Google Sheet. All of the documentation for this example is on GitHub.
Of all the lessons Schmidt learned approaching these real-life scenarios, the primary lesson was to make sure the logic is in place before scripting. To him, it was very important to have a test JSS environment with actual production data to test the scripts. He recommends some form of git/version control and testing often. Check back in a few weeks for the video to see his presentations slides and a full list of all of the awesome resources he uses!