Menu Close

Auto-reveal app after Self Service installation

Leverage Jamf Pro’s Execute Command to auto-close the Self Service description, auto-reload Self Service and auto-reveal an app after user installation

Microsoft Edge auto-revealed after Self Service installation

Background

Like nearly all Jamf Pro customers, we leverage Self Service to allow Standard Users to easily install apps at the users’ discretion.

However, the out-of-the-box Self Service experience didn’t exactly meet all of our requirements.

We received three apparently simple requirements for each time a user installed an app via Jamf Pro’s Self Service:

  1. Auto-close the Self Service description
  2. Auto-reload Self Service
  3. Auto-reveal the installed app

Auto-close the Self Service description

Ensuring users view a Self Service description is straight forward; closing the description is another matter.

  • View Self Service Description: Jamf Pro > Policy > Self Service > Make the policy available in Self Service > Description > Ensure that users view the description
  • Close Self Service Description: Simulate pressing the Escape key as the currently logged-in user, or: /usr/bin/su \- "`/usr/bin/stat -f%Su /dev/console`" -c "/usr/bin/osascript -e 'tell application \"Self Service\" to activate' -e 'tell application \"System Events\" to key code 53'"

Add the Files and Processes Payload to your Jamf Pro Policy and in the Execute Command field, add the above command.

Files and Processes Payload > Execute Command

Privacy Preferences Policy Control Settings

To simulate pressing the Escape key, you’ll first need two Privacy Preferences Policy Control settings. (My personal favorite is the com.jamf.management.service identifier with the com.jamf.management.Jamf code requirement.)

Auto-reload Self Service

With the heavy lifting of deploying the PPPC Configuration Profiles and the Execute Command to close the Self Service description complete, simulating Self Service > View > Reload, or Command-R, only requires the addition of: -e 'tell application \"System Events\" to keystroke \"r\" using {command down}'

Here’s the complete Execute Command to both close the Self Description and reload Self Service:

/usr/bin/su \- "`/usr/bin/stat -f%Su /dev/console`" -c "/usr/bin/osascript -e 'tell application \"Self Service\" to activate' -e 'tell application \"System Events\" to key code 53' -e 'tell application \"System Events\" to keystroke \"r\" using {command down}'"

Auto-reveal the Installed App

Per-app Customization

Revealing the installed app was straight-forward enough, too, but it was customized for each app:

# Adobe Acrobat Reader
/usr/bin/su \- "`/usr/bin/stat -f%Su /dev/console`" -c "/usr/bin/open -R '/Applications/Adobe Acrobat Reader DC.app'"

# Microsoft Edge
/usr/bin/su \- "`/usr/bin/stat -f%Su /dev/console`" -c "/usr/bin/open -R '/Applications/Microsoft Edge.app'"

# Mozilla Firefox
/usr/bin/su \- "`/usr/bin/stat -f%Su /dev/console`" -c "/usr/bin/open -R '/Applications/Firefox.app'"

Installomator

Once we started using Installomator, we wanted a more generic method to auto-reveal the installed app.

The following command sets the variable appName to the most recent Jamf Pro Policy execution (per jamf.log) and then reveals it via the open binary.

Note: This is keyed-off the Jamf Pro Policy Display Name, not based on the Self Service Display Name; our policy names begin with Installomator:.

appName=$( grep "Executing Policy" /private/var/log/jamf.log | sed -n -e 's/^.*Executing Policy Installomator: //p' | tail -1 ) ; /usr/bin/open -R "/Applications/${appName}.app"

App Name (version)

If your policy names include the app name and the version number, the following command should prove helpful:

appName=$( grep "Executing Policy" /private/var/log/jamf.log | sed -n -e 's/^.*Executing Policy //p' -n -e 's/ (.*//p' | tail -1 ) ; /usr/bin/open -R "/Applications/${appName}.app"

Possible Gotchas

Since appName is based on the policy’s Display Name, we did have to rename our Mozilla Firefox (102.0.1) policy to Firefox (102.0.1) since the popular Web browser app is Firefox.app; our Self Service Display Name still includes the vendor’s name.

Running command appName=$( grep "Executing Policy" /private/var/log/jamf.log | sed -n -e 's/^.*Executing Policy //p' -n -e 's/ (.*//p' | tail -1 ) ; /usr/bin/open -R "/Applications/${appName}.app"...

Result of command:
The file /Applications/Mozilla Firefox.app does not exist.

Complete Execute Command

The following command accomplishes all three requirements, plus updates computer inventory in the background:

  1. Auto-close the Self Service description
  2. Auto-reload Self Service
  3. Auto-reveal the installed app
  4. Update Computer Inventory
/usr/bin/su \- "`/usr/bin/stat -f%Su /dev/console`" -c "/usr/bin/osascript -e 'tell application \"Self Service\" to activate' -e 'tell application \"System Events\" to key code 53' -e 'tell application \"System Events\" to keystroke \"r\" using {command down}'" ; appName=$( grep "Executing Policy Installomator: " /private/var/log/jamf.log | sed -n -e 's/^.*Executing Policy Installomator: //p' | tail -1 ) ; /usr/bin/open -R "/Applications/${appName}.app" ; /usr/local/bin/jamf recon
Posted in Jamf Pro, Scripts, Tips & Tricks

Related Posts