mSCP jamf scripts

Bob Gendler one of the macOS Security Compliance Project (mSCP) Authors has posted some (FANTASTIC) scripts that will help integrate your mSCP project into a jamf instance.

This will help build compliance into Jamf.

This will build the following xml pieces to be used by Jamf:

• Categories (Section within baseline file)
• Extension Attributes (the check within the mSCP project rule)
• Scripts (the fix withn the mSCP project rule)
• Smart Groups (passed and failed)
• Policy scoped to failed with passed set as exempted
.
—-•—-
My implementation notes, after dropping generate_jamf.py script in the scripts directory within the project folders.

Step #1 – Move (generate_jamf.py) to project scripts folder as follows
/Users/MY_USER_FOLDER/Library/Application\ Support/macos_security/scripts

Step #2 – Run (generate_jamf.py) in project scripts folder as follows
python3 ./generate_jamf.py -j /Users/MY_USER_FOLDER/Library/Application\ Support/macos_security/baselines/DISA-STIG.yaml

Look for this output in:
/Users/MY_USER_FOLDER/Library/Application\ Support/macos_security/build

1.categories
2.ea
3.scripts
4.smartgroups
5.policies
preferences

The other part of this solution will automatically upload these pieces into your JAMF instance

Link:
https://github.com/boberito/mscp_jamf

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *