From 39737226a39b6b12512861c34fd40839bc16c5f8 Mon Sep 17 00:00:00 2001
From: Greg Hart <19595192+innowintay@users.noreply.github.com>
Date: Tue, 13 Apr 2021 13:20:05 -0400
Subject: [PATCH 1/2] Add commented alternative email address lookup

---
 DeploymentScripts/Mac/JAMF_silentinstall.sh | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/DeploymentScripts/Mac/JAMF_silentinstall.sh b/DeploymentScripts/Mac/JAMF_silentinstall.sh
index 9816310..def3d90 100644
--- a/DeploymentScripts/Mac/JAMF_silentinstall.sh
+++ b/DeploymentScripts/Mac/JAMF_silentinstall.sh
@@ -9,7 +9,7 @@ email="$6" #If email is entered in parameters, script will skip over using JAMF
 password="$7"
 JAMF_domain="$8"
 
-# The script needs access to the JAMF Pro API to gather related the related email for a given user 
+# The script needs access to the JAMF Pro API to gather related the related email for a given user
 # Account just needs to have Users - Read permissions
 # You can configure a temp account for this in the "Jamf Pro User Accounts & Groups" section of your console
 JAMF_username="$9"
@@ -45,7 +45,9 @@ function emailValidation {
 function jamfAPI {
 	echo "Making GET request to Classic JAMF API"
 	response=$(curl -s "https://$JAMF_domain.jamfcloud.com/JSSResource/users/name/$username" -u "$JAMF_username:$JAMF_password")
-
+	# Here is an alternative method of looking up email addresses if your LDAP users don't match your local user accounts.
+	# serial=$(ioreg -l |awk '/IOPlatformSerialNumber/ { print $4; }'|sed s/\"//g)
+	# response=$(curl "https://$JAMF_fqdn/JSSResource/computers/serialnumber/$serial" --user "$JAMF_username":"$JAMF_password" -H "Accept: application/xml")
 	email=$(echo $response | /usr/bin/awk -F'<email_address>|</email_address>' '{print $2}')
 	emailValidation
 }
@@ -71,8 +73,8 @@ function killSyspref {
 }
 
 function setDirectory {
-	if [ -n "$3" ] 
-	then 
+	if [ -n "$3" ]
+	then
 		cd /Users/"$3" || { echo "Failed to cd to user directory"; exit 1; }
 	fi
 }
@@ -84,7 +86,7 @@ function downloadBackblaze {
 
 function mountBackblaze {
 	echo "Mounting Installer..."
-	hdiutil attach -quiet -nobrowse install_backblaze.dmg 
+	hdiutil attach -quiet -nobrowse install_backblaze.dmg
 }
 ###################################################
 
@@ -95,8 +97,8 @@ mountBackblaze
 #Kill System Preferences process to prevent related BZERROR
 killSyspref
 
-#Check to see if Backblaze is installed already, if so update it. Else continue as planned. 
-if open -Ra "Backblaze" ; 
+#Check to see if Backblaze is installed already, if so update it. Else continue as planned.
+if open -Ra "Backblaze" ;
 	then
   		echo "Backblaze already installed, attempting to update"
 		updateBackblaze

From 13046c6c672a25338dde9b1193c7862d3040efb8 Mon Sep 17 00:00:00 2001
From: Greg Hart <19595192+innowintay@users.noreply.github.com>
Date: Tue, 13 Apr 2021 13:22:50 -0400
Subject: [PATCH 2/2] Add comments re: Jamf API permissions

---
 DeploymentScripts/Mac/JAMF_silentinstall.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/DeploymentScripts/Mac/JAMF_silentinstall.sh b/DeploymentScripts/Mac/JAMF_silentinstall.sh
index def3d90..4266928 100644
--- a/DeploymentScripts/Mac/JAMF_silentinstall.sh
+++ b/DeploymentScripts/Mac/JAMF_silentinstall.sh
@@ -10,7 +10,7 @@ password="$7"
 JAMF_domain="$8"
 
 # The script needs access to the JAMF Pro API to gather related the related email for a given user
-# Account just needs to have Users - Read permissions
+# Account just needs to have Users - Read permissions OR Computers - Read permissions if using the alternative serial number method
 # You can configure a temp account for this in the "Jamf Pro User Accounts & Groups" section of your console
 JAMF_username="$9"
 JAMF_password="${10}"
@@ -46,6 +46,8 @@ function jamfAPI {
 	echo "Making GET request to Classic JAMF API"
 	response=$(curl -s "https://$JAMF_domain.jamfcloud.com/JSSResource/users/name/$username" -u "$JAMF_username:$JAMF_password")
 	# Here is an alternative method of looking up email addresses if your LDAP users don't match your local user accounts.
+	# If using this alternative method, ensure your JAMF user account has Computers - Read access
+	#
 	# serial=$(ioreg -l |awk '/IOPlatformSerialNumber/ { print $4; }'|sed s/\"//g)
 	# response=$(curl "https://$JAMF_fqdn/JSSResource/computers/serialnumber/$serial" --user "$JAMF_username":"$JAMF_password" -H "Accept: application/xml")
 	email=$(echo $response | /usr/bin/awk -F'<email_address>|</email_address>' '{print $2}')