If a computer has a Jamf Protect Status that is not Protected attempt to remediate the problem and notify IT.
-
The API endpoint is triggered when there is achange in a Jamf Pro smart group.
a. Computers are added to the smart group when the Jamf Protect Status extension attribute does not equal Protected.
b. Computers added to a the smart group are sent to the next work flow.
-
Get the Jamf Protect Status, send a message to Slack and attempt to remediate.
a. The computer is added to a Jamf Pro static group.
b. The Static group is scoped to a policy that excludes the computer from the Protect configuration profile.
c. After 2 minutes the computer is removed from the static group and the Protect configuration profile is re-deployed.
d. Check the Jamf Protect status, if it is still not protected send a message to Slack and....
e. The computer is added to another Jamf Pro static group that is scoped to two policies.
f. One policy runs protectctl cmds and the other updates inventory.
g. A helper workflow is triggered that loops until the computer updates inventory.
h. The Jamf Protect status is returned when the loop completes.
- The Jamf Protect connectionStatus helper workflow.
- The Jamf Protect connectionStatus check loop.
- The inventory update check loop.