Introduction: In this blog post, we’ll demonstrate how to create a script that automates the process of adding a device to an Addigy policy. The script will check if the logged-in computer has an Addigy AgentID and, if so, add that AgentID to a predefined policy.
Here’s the updated and improved script:
#!/bin/bash
# Replace XXXX with your actual policy ID policy_id="XXXX"
# Function to extract the agent ID from the Addigy configuration file get_agent_id() { awk '$1 == "agentid" {print $2}' /Library/Addigy/config/.adg_agent_config }
# Function to add the device to a predefined Addigy policy using Addigy API add_device_to_policy() { local agent_id=$1 local policy_id=$2
# Main script execution agent_id=$(get_agent_id) if [ -n "$agent_id" ]; then add_device_to_policy "$agent_id" "$policy_id" else echo "Agent ID not found. Please ensure Addigy Agent is installed and configured properly." fi
Be sure to replace YOUR_CLIENT_ID and YOUR_CLIENT_SECRET with your actual Addigy API credentials. This script is compatible with macOS systems running the Addigy agent.
With this improved script, you can easily automate adding devices to Addigy policies, saving time and effort in managing your device fleet.
The process of IT onboarding new employees to an organization is typically dull and repetitive, a workflow where an authority fills a form, and form entries get converted to tasks. As an IT professional with over two decades of experience, I’ve created thousands of to-do lists; it’s a necessary part of being thorough. However, repetitive tasks waste valuable creative time and energy, are not scalable, and are error-prone. Making a to-do list for a new setup is a good practice, but the holy grail of completing a task list is automation. Automation allows you to remove the task from your checklist forever. Onboarding is a process, and every new hire is a project testing that process.
The Old Way
In most organizations, the process starts when IT receives a form from HR with a start date, first and last name, title, department; you get it. IT would then connect to an account creation tool to copy and paste all of the bits needed to create the new account; often, you had to do this in multiple systems. Once the account creation is complete, one would begin assigning the correct access permissions and system rights. Managing the correspondence between IT, HR, and the Hiring Manager by responding to queries with updates while actioning tasks can be challenging.
Sometimes the form details were inaccurate, a misspelling, or wrong last name. Once an account is created incorrectly, it was not easily corrected, requiring many of the steps repeated. IT relives this lengthy process every time someone is hired. If only there were a way to eliminate these tasks entirely and make the process more efficient, scalable, and accurate.
The New Way
Automation has been around since the dawn of computing but was not accessible or affordable to smaller organizations. It required programming teams to develop in-house solutions. There was no hope of connecting to external systems unless explicitly allowed by a vendor through a VPN. Things have changed a bit, and thousands of APIs are now accessible through SaaS platforms like Zapier with little to no programming knowledge.
The paper form and photocopied to-do list are now Google Forms, Zapier, and Trello cards. Their APIs and many others like them allow us to skip the dashboard altogether and build workflows that eliminate the most tedious part of our onboarding responsibilities. Identity Providers (IdP) like JumpCloud offer SSO/SAML integration with many services like Google Workspace, Slack, and Zoom. JC reduces complexity in your workflow script; you don’t have to create additional scripting. Add a user to the appropriate group and let JumpCloud provision the new account across multiple services.
The Task
In the following workflow, you will create a Zapier Webhook to connect to the JumpCloud API when someone fills a Google Form. This Zap (a Zapier automation) can be as simple or complicated as you like. We will only set up two tasks in this workflow, but I will suggest other ideas later in this article.
Create a Google Form. Consider creating a digital version of your paper form or linking to an existing form if you already use Google Forms.
Create Zapier Zap that looks for new Google Form Response Google Sheet rows created by the form in the previous step.
In the above Zap, use the form data to POST the creation of a new user via JumpCloud API.
Zapier Workflow Steps
1. Create a new Zap in Zapier
We are about to create a trigger that sets off a chain of events when your HR department fills out a Google Form.
2. Add a Trigger
Choose your trigger app: Google Sheets
Select your trigger event: New Spreadsheet Row
I will not detail the process of setting up a Google Sheet row update trigger. It’s pretty straightforward, and many other resources teach you how to do this.
3. Action: Condition Run
Your form variables should go into the right column. These details change with every new form entry.I’m sure you already know that exposing your API key is a security risk. I encourage you to enable MFA in Zapier for added security.
Data: username: Get from Step 1 firstname: Get from Step 1 email: Get from Step 1 activate: true jobTitle: Get from Step 1 employeeType: Get from Step 1 department: Get from Step 1 Wrap Requests in an Array: no File: Left Blank Unflatten: yes Basic Auth: Left Blank Headers: x-api-key | JUMPCLOUDAPIKEY
4. Action: Condition Run (Additional Options)
Our onboarding form has a relationship field where HR selects one of the various paths. Initially, my onboarding Zap is configured for three distinct paths: Full-Time, Part-Time, No Email. I originally started with different Zaps for onboarding and offboarding. Recently, I combined them into one Zap, and I have created a simple flowchart to show you the logic. I’ve also started using Typeform because of the better logic it offers over Google Forms.
Send internal email to HR, Ops, Hiring Manager to notifying them of the new hire.
Post notification in a Slack channel.
Add to new hire date to an onboarding calendar.
Create a Trello card to track any tasks that have not yet been automated.
Create an IT Welcome letter and email it to the new hire’s personal email address.
Add the end-user to JumpCloud groups like staff or freelancers.
Final Thoughts
JC will ignore an API request to create a username that already exists. The following modification to my Zap will check JC to see if the new username exists, modify it, or get a notification to intervene. No more errors or recreating users manually; if your automation works, the only mistakes will come from insufficient data in the form. I ask my HR team to resubmit the request if, for any reason, the initial form entry was inaccurate. You are effectively making it no longer your problem – I can feel you smiling inside.
Workflows are always a work in progress. There are always more things to do. I am not a programmer, so I have spent countless hours searching for various solutions and figuring out ways of gluing them together. I’m getting better at asking for help. If I can figure this stuff out, anyone can.
Special thanks to the Mac Admins community. This is my first blog and my attempt to give back after listening, reading, and learning for so many years.
