-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathUpdateAppVPPToken.sh
More file actions
100 lines (74 loc) · 3.5 KB
/
UpdateAppVPPToken.sh
File metadata and controls
100 lines (74 loc) · 3.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
#!/bin/sh
# Migrate all apps assigned to a VPP account in Jamf Pro to another VPP account.
# If any apps do not have licenses on the new VPP account they will not be migrated, and will need to be handled manually.
# see https://github.com/pirkla/JamfScripts/blob/master/UpdateVPPByID.sh to update managed distribution and vpp tokens by id
################ USER DEFINED VARIABLES START #############################
# Enter credentials and the token id's. If hosting locally use the format https://your.url:8443
# Special characters in the user or password may cause issues with parsing the script
jssURL="https://yoururl.jamfcloud.com"
apiUser="admin"
# apiPass="password"
read -s -p "Password: " apiPass
newToken="999"
oldToken="999"
# specify the endpoint and xml node name for applications
# comment this out to switch to mac applications
endpoint="mobiledeviceapplications"
xmlEndpoint="mobile_device_application"
# comment this back in to switch to mac applications
# endpoint="macapplications"
# xmlEndpoint="mac_application"
################ USER DEFINED VARIABLES END #############################
# base64 encode user/password since curl can't handle special characters
auth=$( printf "$apiUser:$apiPass" | base64 )
# get all id's and names from the endpoints
appResp=$(curl -w "%{http_code}" -H "content-type: application/xml" -H "authorization: Basic $auth" -ks "$jssURL/JSSResource/$endpoint" -X GET )
status=${appResp: -3}
allApps=$( echo $appResp | sed 's/...$//')
if [[ "$status" != "200" ]]; then
echo "There was a problem: $status"
exit 1
fi
ids=$( echo "$allApps" | xpath "//id[not(ancestor::site)]" 2> /dev/null | sed s/'<id>'//g | sed s/'<\/id>'/' '/g)
IFS=', ' read -r -a allIDs <<< ${ids}
appNames=$( echo "$allApps" | xmllint --xpath '//name' - | sed s/'<name>'//g | sed s/'<\/name>'/','/g)
IFS=',' read -r -a allNames <<< "${appNames}"
# initialize variables to collect failed updates
failedName=""
failedID=""
# loop over each id
for index in ${!allIDs[@]};
do
echo "checking ${allIDs[index]}"
# get the VPP xml subset
tokenResp=$(curl -w "%{http_code}" -H "accept: text/xml" -H "content-type: text/xml" -H "authorization: Basic $auth" -ks "$jssURL/JSSResource/$endpoint/id/${allIDs[index]}/subset/vpp" -X GET )
tokenStatus=${tokenResp: -3}
if [[ "$tokenStatus" != "200" ]]; then
echo "there was an error retrieving the token: $tokenStatus"
fi
token=$( echo $tokenResp | sed 's/...$//' | xpath //vpp/vpp_admin_account_id/text\(\) 2> /dev/null)
# if the old token is being used then switch tokens
if [ "$token" == "$oldToken" ]; then
update=$(curl -H "accept: text/xml" -H "content-type: text/xml" -H "authorization: Basic $auth" -ks "$jssURL/JSSResource/$endpoint/id/${allIDs[index]}" -w '%{http_code}' -X PUT -d "<${xmlEndpoint}>
<vpp>
<vpp_admin_account_id>$newToken</vpp_admin_account_id>
</vpp>
</${xmlEndpoint}>" --output /dev/null)
echo "******* updating ${allIDs[index]}"
# report and gather failed updates
if [ "$update" != "201" ]; then
echo "failed $update"
failedName+="${allNames[index]}, "
failedID+="${allIDs[index]} "
fi
fi
done
# Report failed token updates.
if [ "$failedName" != "" ]; then
echo "The following apps did not migrate to the new token and will need to be managed manually"
echo "$failedName"
echo "The ID's of those apps are as follows"
echo "$failedID"
else
echo "All apps on the old token have been migrated to the new token"
fi