This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Disclaimer
JUMPCLOUD EXPRESSLY DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, CONDITIONS, AND LIABILITIES OF ANY KIND ARISING FROM OR RELATED TO THIRD-PARTY SOFTWARE, SCRIPTS, REPOSITORIES, AND APIS. JUMPCLOUD IS NOT REQUIRED TO SUPPORT ANY SUCH THIRD-PARTY MATERIALS AND ALL RISKS RELATED TO THIRD-PARTY MATERIALS ARE YOUR RESPONSIBILITY. PLEASE ALSO REVIEW THE JUMPCLOUD TOS.

Automate Group Membership of Silicon and Intel based MacOS Devices

jworkman
JumpCloud Employee
JumpCloud Employee

โ€Ž11-30-2022 11:59 AM

This automation can be used to determine the groups of systems whose processor type is intel or silicon. It's designed to be run more than once. When you add new systems to JumpCloud this script would need to be run to group those systems based on their processor type.

Why might this be useful:

  • Some policies (Kext based policies) will not work on silicon based systems by default.
  • Software packages may be designed to work for one type of processor
  • You want to two different device groups for systems that are intel/ silicon based

The Script:

# Get the systems from one onboarding group
$allsystems = Get-JCSystem -returnProperties arch -os "Mac OS X"
# system groups
$silicon = "MacOS-silicon"
$intel = "MacOS-intel"
# IF the group names do not exist, create them...
if (-Not (Get-JCGroup -Type System -Name $silicon))
{
    New-JcSdkSystemGroup -name $silicon
}
if (-Not (Get-JCGroup -Type System -Name $intel))
{
    New-JcSdkSystemGroup -name $intel
}
$groupIDSilicon = Get-JCGroup -Type System -Name $silicon | select-object id
$groupIDUIntel = Get-JCGroup -Type System -Name $intel | select-object id
$SiliconSystems = Get-JCSystemGroupMember -GroupName $silicon | select-object SystemID
$IntelSystems = Get-JCSystemGroupMember -GroupName $intel | select-object SystemID

# For each system...
foreach ($system in $allSystems)
{
    if ($system.arch -eq 'arm64')
    {
        if ($system._id -notin $SiliconSystems.SystemID)
        {
            write-host "System: $($system._id) has Silicon Processor. Adding to $silicon Group"
            Set-JcSdkSystemGroupMember -GroupId:$groupIDSilicon.id -Op:add -Id:$system._id
        }
        else
        {
            write-host "System: $($system._id) Already in $silicon Group"
        }
    }
    else
    {
        if ( $system._id -notin $IntelSystems.SystemID)
        {
            write-host "System: $($system._id) has Intel Processor. Adding to $intel Group"
            Set-JcSdkSystemGroupMember -GroupId:$groupIDUIntel.id -Op:add -Id:$system._id
        }
        else
        {
            write-host "System: $($system._id) Already in $intel Group"
        }
    }
}

After running the script for the first time, two new groups should be created in your organization "MacOS-Silicon" & "MacOS-Intel" those groups should contain systems whose processor type matches either silicon or intel. Subsequent runs of this script will update membership for newly added systems.

Labels:
1 REPLY 1

jworkman
JumpCloud Employee
JumpCloud Employee

โ€Ž11-30-2022 12:27 PM - last edited on โ€Ž11-30-2022 01:51 PM by Community Manager Community Manager

For each system found, the script will iterate through and determine which device group the system should be a member of.

BScott_3-1669834232996.png

BScott_2-1669834146587.png

Preview file
520 KB
Preview file
82 KB
You Might Like

New to the site? Take a look at these additional resources:

Community created scripts:

Our new Radical Admin blog:

Keep up with Product News:

Read our community guidelines

Ready to join us? You can register here.