Notify Screen

Jamf Connect Documentation
Solution
Application
Jamf Connect
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

Jamf Connect can include a notify screen that can display a progress bar, customized text, and images during Automated Device Enrollment.

The notify screen listens for commands written to a control file. This process is similar to the UNIX tail command where the notify screen watches for changes to the file and then reads the last line in the file to run the expected command. This can result in a highly customizable screen to show end users what is occurring with their machine during the initial setup process.

Commands are processed immediately when written to the file. While a process is running, a policy is installing a package, a script is performing actions, and the notify screen pauses waiting for the next command written to the control file.

Example:

  1. Send a command to change the text in the notify mechanism Main Title to the name of the app being installed.

  2. Send a command to change the text in the Main Text area to explain what the application does on the user's computer and why it is being installed.

  3. Send a command to change the text in the Status area to a short description of what is occurring (e.g., Installing Jamf Protect).

  4. Run a policy from Jamf Pro to perform an action. This should take longer than the amount of time a user would take to read the screen text.

  5. Send a command to quit the Notify mechanism.

The command file is written to /var/tmp/depnotify.log

Alternatively, the notify screen can be configured to read and display policy logs from Jamf Pro. This will update the text below the progress bar to read the last command that the Jamf local binary performed and recorded in the device logs. To use this method, add the preference key for Notify Screen Log Style (NotifyLogStyle) to the Jamf Connect login configuration profile. 
<key>NotifyLogStyle</key>
<string>jamf</string>
Commands sent to the command file can be used in conjunction with the NotifyLogStyle key.
Administrators can use several different methods to write commands to the control file including a:

  • Script installed locally on the device that can be defined with the Script Path (ScriptPath) setting in the Jamf Connect login configuration profile

  • Jamf Pro policy that can execute a script as part of its payload

  • Jamf Pro policy that can execute a single line UNIX terminal command as part of its payload

Note:

ScriptPath can run a script as the root user at every login, if defined. A script at the defined path can also run arbitrary code on every login. To avoid any malicious actions, administrators should consider defining ScriptPath as /dev/null/impossiblepath.sh if not in use. Alternatively, place an empty file at the path defined by ScriptPath (e.g touch /PathToFile/filename.sh and chmod 000 /PathToFile/filename.sh.