In today’s session, IT experts and AOL employees, Steve Coulbourne, Lisa Davies and Andrew Leininger, took a tour of practical examples of the Casper API, also showing relevant code and how it’s used. The team showed ways to successfully integrate with existing HR systems and asset information, automate Zendesk tickets and clean up JSS users.
Using a series of GET and PUT calls in the JSS API, on a RHEL server that communicates with their production JSS, the AOL IT team can successfully automate a series of what used to be day-to-day, time consuming, tasks.
With thousands of computers and devices throughout the organization, the IT team needs a way to know the details of each one. They automate this process through the JSS API. At AOL, they found it helpful to upload tables into the JSS in order to show particular fields and information from both the users and computers section. But the JSS alone cannot generate such specific reports.
On top of reporting and search queries, the JSS API can help automate installs and uninstalls of software by making psudo-smart groups that are generated via API calls and Extension Attributes. The AOL team mentioned HR/Legal may put a particular user or set of users on Legal Hold – a way to put restrictions in place. In the past, they needed to cross-check a list of employees from HR/Legal, which is not just time consuming but is a matter of employee security. This involved taking action on the user’s device if they fell in or out of employment status. Using the JSS API and AD, they generated an extension attribute that can be filled in via API. If the attribute gets the “ON” Legal Hold attribute, it will trigger the installation of restrictions and necessary software, and if the attribute “OFF” gets applied to that field, the JSS will automate the removal of the “Legal Hold” software/mandated restrictions.
AOL uses Zendesk as their ticketing system. Since the JSS contains information that may result in incoming tickets, the IT team runs a few calls that generate tickets, integrating with the Zendesk API. One example discussed was upgrading user’s hardware when their current computer becomes too old. To do so, they use the JSS API to GET all computers. Subsequently, the users attached to those computers. From that call, they grab the serial number and match it with the inventory system that shows purchase date. If the date is after a certain time, the user’s information is submitted to the Zendesk API, and a ticket is generated with the information needed to help them upgrade the user’s computer. The second use case they discussed was finding computers that may not have SIP enabled, and if it is found to be disabled, a help desk ticket gets generated.
The team mentioned two other ways of using the JSS to help with cleanup and reporting. For cleanup, they leverage the JSS API to delete old user accounts. A computer may get turned in, or the user may leave the company, and the result is a straggling user account in the JSS. The API comes into place to continuously cross-check the employee roster and users in the JSS, and checking to see if a computer assigned to the user. If there is a mismatch, the API will automatically remove the user.
In terms of reporting, they wrote an API workflow that will run a script to verify a computer’s device lock status. The information gathered from the script gets entered into a custom Extension Attribute field and is then searchable and reportable in the JSS website.
For reporting and information gathering in general, the API is the easiest tool to gather needed information seamlessly. Davies ended the session urging users to make a backup before touching their JSS, especially if they are new to the JSS API. The team also strongly encouraged the use of the JSS API. Once the workflows were created, hours and hours of time consuming tasks were wiped off of the daily to-do list.