JumpCloud Community

Hi Folks, 

Another Friday, another post 😀 - We probably all need something to cheer up in this prolonged, if not dreary, February.

As the title suggests, today, I wanted to share a use case I recently got the idea for from @rickieneville  - in combination with two awesome new conditions in Dynamic Groups: Hostnames and Public IPs, and a cherry on top - the “starts with” operator. (A big shout-out to @dwjohn )

So, what was the story? Well, Rickie was asking if we have a way to automatically move devices into groups based on their types - Desktop or Laptops. The use cases can be:

• Call centre desktops need more stringent policies. 
• Meeting room devices / Kiosk machines have customised settings. 
• Laptops in stationary environments - reception, warehouse etc

et’s Dive in. 

(Spoiler alert -  make sure you are comfortable with my approach to change the hostname into a certain pattern org-wide, which otherwise can be customised & tailored to your organisation’s needs.) 

Step 1 - Prepare For The Hostname Changes

TL;DR - For the complete script, head over to my repository here. 

To reconcile the hostnames of the devices of your choice, run the snippet below. It is strongly recommended to run this in smaller batches rather than executing a "big bang" on all devices at once.

We will change the “Displayname” on JumpCloud via the PowerShell Module this time around. 

# -----------------------------------------------------------------------------
# Script: Set-JCDisplayName.ps1
# Version: 1.0.0
# Author: Shawn Song
# Reference: 
#  -  https://community.jumpcloud.com/t5/community-scripts/powershell-add-the-systems-to-a-system-group-depends-on-where/m-p/1733#M172
# 
# Notes: Don't run this on all devices unless you are 100% sure about the impact!!
# Requirements:
# - The latest JumpCloud PowerShell Module. https://jumpcloud.com/support/install-the-jumpcloud-powershell-module
# - PowerShell 7 and above versions. 
# - JumpCloud API keys for both Manager & Read-only roles. 
# -----------------------------------------------------------------------------


# Connect to your JC Tenant - Manager role is good enough!
Connect-JCOnline -JumpCloudApiKey $env:JCRW # Strongly suggest storing the API key in the system env variable,

$jcSystems = "system_ID01","system_ID02"

# Don't run this on all devices unless you are 100% sure about the impact!!
#$jcSystems  = (Get-JCSystem -returnProperties osFamily | where {($_.osFamily -ne "ios") -and ($_.osFamily -ne "android")})._id # ruling out the mobile devices

# Determine the machine type
function Get-MachineType {
    param (
        [parameter(Mandatory=$true)]    
        [string]$systemID
    )
    $hasBattery = Get-JCSystemInsights -Table Battery -SystemId $systemID
    $type = "LT"

    if ($null -eq $hasBattery ) {
       $type = "DT"
    }
   return $type
}

# Get the SN (and cap at 10 char) as part of the hostname
function Get-MachineSN{
    param (
        [Int32]$snCharLimit = 12, # 12 is the hostname hard limit for Windows
        
        [parameter(Mandatory=$true)]    
        [string]$systemID
    )
    $SN = (Get-JCSystemInsights -Table SystemInfo -id $systemID | select HardwareSerial).HardwareSerial
   
    if (($SN.Length -gt $snCharLimit) -and ($null -ne $SN)){
        $SN = $SN.trim() -replace " ",'' -replace '-','' -replace '\r?\n\z'  # removing whitespaces
        $SN = $SN.Substring(0,$snCharLimit)
    }
    
    return $SN
}

Step 2 - Create A New Group to Park These Devices, And Execute The Change. 

Now, it’s time to gather these devices into a device group for later, changing the hostname on the device individually, for each supported OS. 

# Create a new device group to gather these systems together
$newGrounName = "NewHostName"
$ng = Get-JCGroup -Type System -name $newGrounName -ErrorAction SilentlyContinue
if ($null -eq $ng){
    $ng = New-JCSystemGroup -GroupName "NewHostName"
}
# Executing the change
foreach ($s in $jcSystems){
    $displayName =  (Get-MachineType -systemID $s) +'-' + (Get-MachineSN -systemID $s)
    
    # Changing the displayname on JC
    Write-Host "new name for $s will change to: $displayname"
    Set-JCSystem -displayName $displayName

    # Add to the system group
    write-host "adding $displayname to group $($ng.name)"
    Add-JCSystemGroupMember -GroupID $ng.id -SystemID $s

}

Step 3 -  Change The Individual Hostname On The Device 

• Create the respective commands from the templates, the commands will make changes according to JumpCloud “displayname” we have changed in step 2.
• At this point you will only need the Read-Only API key to use in these templates, and bind the new commands to the group we created in step 2. 
• Suggest to set the cmd to run repeatedly for a few days as the devices are on & off during the day by nature. 
• For Windows, the device will need to reboot before the new name takes effect. You might consider pairing this change with the patch policy to minimise the reboots. 

Step 4 - Wave The Dynamic Groups’ Magic Wand

Last but not least, now we can group the desktops or laptops together like these:

Boom, the respective devices will fall into the place progressively as the cmd runs. Now you can implement policies, install softwares, and enforce patch policies for these distinguished groups!

That’s it, thanks for reading this far. What do you think about this use case? Leave a comment below please. 😉

Happy Friday, have a great weekend ahead!