cancel
Showing results for 
Search instead for 
Did you mean: 

Populate JumpCloud System Groups based on Mac chipset via PowerShell

RyanBailey
Novitiate III

Hey folks,

I've seen questions pop up a few times recently on the Lounge about how to poll or organize Macs by chipset in JumpCloud. This is important for software deployments that have separate M1/Intel images and for Custom MDM Configuration Policies that have different requirements based on chipset. I'll post a script here that you can use regularly to keep things up to date, but feel free to scroll down if you just need a few lines for a one-time deployment. Just update the top with your API key and change the group names in single quotes if you'd like. I really enjoy scripting but always feel like I'm in the learning phase so feel free to provide feedback on structure or efficiency!

Going to throw the normal caveat in here - make sure you do your own testing. This works fine in my tests and I tried to add some error handling but make sure you understand what this script is doing. Use at your own risk!

 

# Edit the variables below, you shouldn't need to edit any other lines.
$jcApiKey = 'YOURAPIKEY'
$groupNames = @{
    intelGroupName = 'Mac - Intel Systems'
    m1GroupName    = 'Mac - M1 Systems'
}

# Check if JumpCloud module is installed, if not, install it and connect.
try {
    if (-not (Get-Module -ListAvailable JumpCloud)) {
        Install-Module -Name JumpCloud -Scope CurrentUser -Force
    }
    Import-Module -Name JumpCloud
    Connect-JCOnline -JumpCloudApiKey $jcApiKey
} catch {
    Write-Error "Something went wrong connecting to JumpCloud! $($_.Exception.Message)" -ErrorAction Stop
}

# Create the groups if they don't exist.
try {
    Write-Host "`nCreating JumpCloud System Groups if needed..." -ForegroundColor Green
    foreach ($group in $groupNames.GetEnumerator()) {
        if (-not (Get-JCGroup -Type system -Name $group.Value -ErrorAction SilentlyContinue)) {
            New-JCSystemGroup -GroupName $group.Value | Out-Null
            Write-Host $group.Value 'System Group created in JumpCloud.'
        } else {
            Write-Host $group.Value 'System Group already exists in JumpCloud.'
        }
    }
} catch {
    Write-Error "Something went wrong when checking for groups! $($_.Exception.Message)" -ErrorAction Stop
}

# Populate the groups with the relevant systems.
try {
    Write-Host "`nPopulating JumpCloud System Groups with relevant systems..." -ForegroundColor Green
    $macSystems = Get-JCSystem -os 'Mac OS X' -returnProperties os,displayName,arch | Sort-Object arch
    $m1GroupMembers = Get-JCSystemGroupMember -GroupName $groupNames.m1GroupName
    $intelGroupMembers = Get-JCSystemGroupMember -GroupName $groupNames.intelGroupName

    foreach ($system in $macSystems) {
        if (($system.arch -eq 'x86_64') -and ($system._id -notin $intelGroupMembers.SystemID)) {
            Add-JCSystemGroupMember -SystemID $system._id -GroupName $groupNames.intelGroupName
        }
        if (($system.arch -eq 'arm64') -and ($system._id -notin $m1GroupMembers.SystemID)) {
            Add-JCSystemGroupMember -SystemID $system._id -GroupName $groupNames.m1GroupName
        }
    }
} catch {
    Write-Error "Something went wrong when trying to add our systems to the groups! $($_.Exception.Message)" -ErrorAction Stop
}

 

Alternatively if big blocks of code are scary and you just want to do this one time, manually create the groups in JumpCloud and you can run this.

 

# M1 systems
Get-JCSystem | Where-Object {$_.os -like "Mac OS X" -and $_.arch -eq "arm64"} | Add-JCSystemGroupMember -GroupName "Mac - M1 Systems"
# Intel Systems
Get-JCSystem | Where-Object {$_.os -like "Mac OS X" -and $_.arch -ne "arm64"} | Add-JCSystemGroupMember -GroupName "Mac - Intel Systems"

 

Hope this is helpful for some people. If you bump into any issues feel free to ping me here or on the Lounge!

2 REPLIES 2

BenGarrison
JumpCloud Alumni
JumpCloud Alumni

This is an absolutely GEM of a resource!

hoium
Novitiate II

One change I would recommend is to ask the user to enter in their API-Key

 

$ApiKey = Read-Host -Prompt 'Input your JumpCloud API Key'

$jcApiKey = $ApiKey