jamf.Reporting/jamf_initialEntry.ps1 at master · scriptsandthings/jamf.Reporting · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
<#

Script Name:  jamf_initialEntry.ps1
By:  Zack Thompson / Created:  9/13/2018
Version:  1.0.0 / Updated:  9/13/2018 / By:  ZT

Description:  This script will pull the initial enrollment for every device and export to a file.

#>

Write-Host "jamf_initialEntry Process:  START"

# ============================================================
# Define Variables
# ============================================================

# Setup Credentials
$jamfAPIUser = $(Read-Host "JPS Account")
$jamfAPIPassword = $(Read-Host -AsSecureString "JPS Password")
$APIcredentials = New-Object –TypeName System.Management.Automation.PSCredential –ArgumentList $jamfAPIUser, $jamfAPIPassword

# Setup API URLs
$jamfPS = "https://jps.company.com:8443"
$getComputers = "${jamfPS}/JSSResource/computers"
$getComputer = "${jamfPS}/JSSResource/computers/id"
$getMobileDevices = "${jamfPS}/JSSResource/mobiledevices"
$getMobileDevice = "${jamfPS}/JSSResource/mobiledevices/id"

# ============================================================
# Functions
# ============================================================

function getComputerRecords($deviceType, $urlALL, $urlID, $idEA, $csvLocation) {

    # Get a list of all computer records.
    Write-Host "Pulling all ${deviceType} records..."
    $objectOf_Devices = Invoke-RestMethod -Uri $urlALL -Method Get -Credential $APIcredentials

    # Get the ID of each device.
    Write-Host "Pulling data for each individual ${deviceType} record..."
    $deviceList = $objectOf_Devices."${deviceType}s"."${deviceType}" | ForEach-Object {$_.ID}

    ForEach ( $ID in $deviceList ) {
        # Get Computer's General Section.
        $objectOf_deviceGeneral = Invoke-RestMethod -Uri "${urlID}/${ID}/subset/General" -Method Get -Headers @{"accept"="application/xml"} -Credential $APIcredentials

        # Optional, if you want only mananaged devices, uncomment the if statement.
        # If ( $objectOf_deviceGeneral.${deviceType}.general.remote_management.managed -eq "true") {
            $objectOf_deviceGeneral.${deviceType}.general | Select-Object id, name, serial_number, initial_entry_date, @{Name="site"; Expression={$_.site.name}}, @{Name="platform"; Expression={$_.platform}} | Export-Csv -Path "$csvLocation\Enrolled${deviceType}s.csv" -Append -NoTypeInformation
        # }
    }
    Write-Host "All ${deviceType} records have been processed."
}


function getMobileDeviceRecords($deviceType, $urlALL, $urlID, $idEA, $csvLocation) {

    # Get a list of all Mobile Device records.
    Write-Host "Pulling all ${deviceType} records..."
    $objectOf_Devices = Invoke-RestMethod -Uri $urlALL -Method Get -Credential $APIcredentials

    # Get the ID of each device.
    Write-Host "Pulling data for each individual ${deviceType} record..."
    $deviceList = $objectOf_Devices."${deviceType}s"."${deviceType}" | ForEach-Object {$_.ID}

    ForEach ( $ID in $deviceList ) {
        # Get Mobile Device's General Section.
        $objectOf_deviceGeneral = Invoke-RestMethod -Uri "${urlID}/${ID}/subset/General" -Method Get -Headers @{"accept"="application/xml"} -Credential $APIcredentials

        # Optional, if you want only mananaged devices, uncomment the if statement.
        # If ( $objectOf_deviceGeneral.${deviceType}.general.managed -eq "true") {
            $objectOf_deviceGeneral.${deviceType}.general | Select-Object id, name, serial_number, @{Name="initial_entry_date"; Expression={$($_.initial_entry_date_utc).Split("T")[0]}} , @{Name="site"; Expression={$_.site.name}}, @{Name="platform"; Expression={$_.os_type}} | Export-Csv -Path "$csvLocation\Enrolled${deviceType}s.csv" -Append -NoTypeInformation
        # }
    }
    Write-Host "All ${deviceType} records have been processed."
}

# ============================================================
# Bits Staged...
# ============================================================

# Verify credentials that were provided by doing an API call and checking the result to verify permissions.
Write-Host "Verifying API credentials..."
Try {
	$Response = Invoke-RestMethod -Uri "${jamfPS}/JSSResource/jssuser" -Method Get -Credential $APIcredentials -ErrorVariable RestError -ErrorAction SilentlyContinue
}
Catch {
	$statusCode = $_.Exception.Response.StatusCode.value__
	$statusDescription = $_.Exception.Response.StatusDescription

	If ($statusCode -notcontains "200") {
		Write-Host "ERROR:  Invalid Credentials or permissions."
		Write-Host "Response:  ${statusCode}/${statusDescription}"
		Write-Host "jamf_initialEntry Process:  FAILED"
		Exit
	}
}

Write-Host "API Credentials Valid -- continuing..."

$saveDirectory = ($(Read-Host "Provide directiory to save the report") -replace '"')

# Call Device Update function for each device type
getComputerRecords computer $getComputers $getComputer "${saveDirectory}"
getMobileDeviceRecords mobile_device $getMobileDevices $getMobileDevice "${saveDirectory}"

Write-Host "jamf_initialEntry Process:  COMPLETE"