Jamf Nation Community

I've created queries for each of the things you've listed, except for one(I wasn't sure what you meant by computer groups with no relation to other objects), and saved them into one big SQL script which you can download here. However, I know that just giving you the queries without any context isn't always helpful, so I'll attempt to explain it as best as I can.

It helps to give a bit of an explanation of how the database is organized. Everything that can be scoped has at least two tables associated with it(usually more, but the others don't matter for this problem). These two mandatory tables are the base table and the deployment table, for computer policies these are policies and policy_deployment. The base table contains most of the information you'd expect it to, while the deployment table contains all the scoping information.

Inside the deployment table, every single target, limitation, and exclusion occupies its own row. This means that if policy 1 is scoped to 5 computers, then you will see 5 rows in the deployment table with policy_id 5.

Because the information you're looking for is in two tables that contain a matching field(i.e. policy_id), the simplest way to pull it is to do two nested queries. First pulling a list of all deployment rows that match your criteria, then using that list to find all of the objects whose IDs appear(or don't) in the first list. I'll give you an example below.

select policy_id, name from policies where policy_id in (select policy_id from policy_deployment where target_type = 101);

The first query, inside the parenthesis, pulls a list policy_ids from all rows with target_type 101. The second query then checks against that list to list the requested fields for each policy whose id is present. You can also use "not in" to get all policies whose id are not present in the initial query.

Things get a little more complicated the more specific you want your query to be, but the general layout of the query is the same.