monitoring network changes with a launch daemon

One of the constant challenges at my company is how to keep laptop users’ computer inventories up to date and assign login policies (via JAMF) since they mostly never logout, restart, or shut down their machines. Most of the laptop users simply close the lid, putting the Mac to sleep, and then reopen it the next day or when they get home, etc. While this is one of the benefits to using a laptop over a desktop, it does make administration somewhat of a headache as we continually have to run Recon on these computers to keep their information up to date with the desktops that are always on the company network.

I’ve created a LaunchDaemon to monitor the /Library/Preferences/SystemConfiguration/preferences.plist file for changes when a laptop connects or disconnects from the wireless network. If a change is detected, the daemon forces the client to run a ‘jamf policy -trigger login’ command to simulate a login event. Our login policies include updating inventory, setting the local SUS, local administrative accounts, etc. In this fashion I can automatically keep inventory and policy information up to date on our laptops as well as our desktops and servers. I used Lingon to create the daemon, but Lingon will try to place the resulting plist file in the ~/Library/LaunchAgents directory. To make this a system level daemon, move it to the /Library/LaunchDaemons directory (jamf policy is also a sudo command, so running it from the user context will fail, it needs to be run on the system level). The structure of the plist is here, I’ve also linked to the launch daemon itself if you like to just download it and place it in the /Library/LaunchDaemons folder.

<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
 <plist version="1.0">

About this entry