Jamf Nation Community

ifbell · ‎07-24-2017

I am trying to get this curl statement to work with the backend API. I have not been able to figure out why it is not writing to the EA. The other question is has anyone done this with SSO in place using the JSS failover.

#!/bin/sh
echo "<?xml version="1.0" encoding="UTF-8" standalone="no"?><computer><extension_attributes><attribute><name>${ea_name}</name><value>${ea_value}</value></attribute></extension_attributes></computer>" > /private/tmp/ea.xml

 curl -v -d  -k -u  xxxxx:xxxxx "$JSSName/JSSResource/computerextensionattributes/id/17/$machinename" -T "/private/tmp/ea.xml" -X PUT

davidacland · ‎07-24-2017

Not sure if it's the reason, or if its the formatting on JamfNation, but you've got a funny character after the ID number.

The syntax looks ok, so most likely an XML issue. Would you be able to post that?

I've had issues in the past where certain keys are required for it to successfully upload. If they are missing, you get no feedback and nothing updates on the server.

ifbell · ‎07-24-2017

Okay I updated the post with the relevant information.

mm2270 · ‎07-24-2017

Like @davidacland mentioned, if you could post the xml, sanitized if needed, that may help us. I have a feeling it's not formed correctly.

One thing you could do is remove the -s flag so you'll get some kind of feedback. It also doesn't really make sense to use both verbose -v and silent -s together since I think maybe you're canceling out the verbose output.

mm2270 · ‎07-24-2017

@ifbell What JSS version are you on? Under at least the 9.99.0 release the format would need to be

...<extension_attributes><extension_attribute>...

Meaning, right now you have the top tag of <extension_attributes>, which is fine, but then you are using <attribute>, which may not be correct. When I look at records in our JSS they need to be:

<extension_attributes><extension_attribute><rest of data></extension_attribute></extension_attributes>

Have you checked this against a download of a computer record to see how the xml is formatted?

I also don't think you need any of this stuff in the beginning

<?xml version="1.0" encoding="UTF-8" standalone="no"?>

Usually just sending the data to a .xml file is enough.

ifbell · ‎07-24-2017

Okay so this is the current setup.
ea_name = "17" # the id of the EA I created
ea_value= "1" # the value to put in the EA

echo "<computer_extension_attribute><computer_extension_attribute><id>${ea_name}</id><value>${ea_value}</value></computer_extension_attribute></computer_extension_attribute>" > /private/tmp/ea.xml

## Upload the xml file
curl -v -k -u ${apiUser}:${apiPass} "${jssURL}/JSSResource/computerextensionattributes/id/17/${MacName}" -T "/private/tmp/ea.xml" -X PUT

This is what I get back, and the EA is still blank.

HTTP/1.1 100 Continue We are completely uploaded and fine < HTTP/1.1 404 Not Found < X-FRAME-OPTIONS: SAMEORIGIN < Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 < Date: Mon, 24 Jul 2017 17:14:36 GMT < Accept-Ranges: bytes < Server: Apache < Content-Type: text/html;charset=UTF-8 < Content-Length: 439 < Connection: close < <html> <head> <title>Status page</title> </head> <body style="font-family: sans-serif;"> Not Found The server has not found anything matching the request URI You can get technical details <a href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5">here</a>. Please continue your visit at our <a href="/">home page</a>. </body> </html> Curl_http_done: called premature == 0 * Closing connection 0

davidacland · ‎07-24-2017

It looks like you're uploading the xml to the wrong place.

You need to upload it to the respective computer record's EA

mm2270 · ‎07-24-2017

WHat @davidacland said. I don't know that the JSSResource URL you're using is valid. Even if it is, I would go directly to the computer resource for the PUT. It should work to update the EA value.

davidacland · ‎07-24-2017

I've also just noticed in testing that it matters if you have a trailing / at the end of your jssURL variable. Having a / at the end of mine returned a "404 Not Found" error.

davidacland · ‎07-24-2017

Just for completeness, this worked for me:

#!/bin/sh

apiUser=""
apiPass=""
jssURL=""
ea_name="test"
ea_value="1"
serial=$(system_profiler SPHardwareDataType | grep 'Serial Number (system)' | awk '{print $NF}')

# Create xml
    cat << EOF > /private/tmp/ea.xml
<computer>
    <extension_attributes>
        <extension_attribute>
            <name>$ea_name</name>
            <value>$ea_value</value>
        </extension_attribute>
    </extension_attributes>
</computer>
EOF

## Upload the xml file
curl -sfku "${apiUser}":"${apiPass}" "${jssURL}/JSSResource/computers/serialnumber/${serial}/subset/extensionattributes" -T /private/tmp/ea.xml -X PUT

Hope it helps :)

ifbell · ‎07-26-2017

My question to the group is anyone doing this with the failover url or with SSO?

mm2270 · ‎07-26-2017

@ifbell, not sure I follow. What do you mean by failover url exactly?

ifbell · ‎08-03-2017

What I am asking when you implement SSO in JAMF Pro there is an alternative url into the JSS should your SSO fail to allow you in. Has anyone used that to implement API calls to the JSS.

ifbell · ‎08-16-2017

Coming around to this again as I try to figure what I am doing wrong. what are the setting I should set for the extension attribute inside the JSS console.

Because I am still not getting the data into the EA. it shows up under the general tab under my machines but I do not see anything in the field for the specific machine I run this script davidacland showed above

I get back the following in verbose mode.

Trying xxx.xxx.xxx.xxx. TCP_NODELAY set Connected to xxx.xxx.xxx (xxx.xxxx.xxx.xxx) port 8443 (#0) WARNING: disabling hostname validation also disables SNI. TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Server certificate: xxx.xxx.xxx Server certificate: abcdefg Server auth using Basic with user 'XXXXX' > PUT /?failover/JSSResource/computers/serialnumber/VMoVffzQ0W8t/subset/extensionattributes HTTP/1.1 > Host: xxx.xxx.xxx:8443 > Authorization: Basic aWZiZWxsOkQzc20wZHVz > User-Agent: curl/7.54.0 > Accept: / > Content-Length: 198 > Expect: 100-continue > < HTTP/1.1 100 Continue < HTTP/1.1 302 Found < X-FRAME-OPTIONS: SAMEORIGIN < Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 < Set-Cookie: JSESSIONID=16D1FC2140287B58F1A4944CF0D7E237; Path=/; Secure; HttpOnly < Location: https://xxx.xxx.xxx:8443/saml/login < Content-Length: 0 < Date: Wed, 16 Aug 2017 16:28:07 GMT < Connection: close < Server: Apache < we are done reading and this is set to close, stop send Closing connection 0

.

cdenesha · ‎08-16-2017

A couple of thoughts that come to mind, @ifbell.

I see "https://xxx.xxx.xxx:8443/saml/login" in the response which brings us back around to your Qs about SSO. I don't know the answer but it is possible you aren't even getting to the point where you can submit your data.

My other thought is for @davidacland - your code is specifying a subset "subset/extensionattributes" and then the XML is beginning at <computers>, would this be a problem?

davidacland · ‎08-17-2017

@cdenesha good question.

I haven't tested it other ways but it would make sense that you wouldn't need "subset/extensionattributes" if the XML is complete and pointed at the computer record.

Would be interesting to test sending it to ${jssURL}/JSSResource/computers/serialnumber/${serial} to see what happens.

Jamf Nation Community

EA via curl put