Topics created by ajm2358

@ajm2358 Is this a usb mac (or macs) that you use on devices that don’t have built-in lan?

I have a powershell method for doing this via the api, but the full solution requires some infrastructure work to store the defined macs used for imaging somewhere you can get them. I embed them in an internal powershell module I use for provisioning. You may really just need one or 2 functions from this example and I also haven’t tested it working just copy paste. You would for sure need to install the module and connect to the api first. I took this from my module but I believe it should work once you have the module installed, imported, and connected.

After a computer finishes imaging and provisioning, my last step is uses the powershell fogapi module (see the links in my signature for info on the module) to run

$usbmacs = [pscustomobject]@{ mac = "00:00:00:00:00"; description = "mac description, I have these defined in a json, this is an inline example"; } $result = Remove-UsbMac -usbMacs.mac -hostname ($ENV:COMPUTERNAME);

Then I make sure all the macs that are valid are present

$physicalMacs = (get-netadapter | select-object -expand macaddress).replace("-",":") $fogHost = (Get-FogHost -hostName $ENV:COMPUTERNAME) $hostID = ($fogHost.id); $pendingFogmacs = Get-FogHostPendingMacs -hostID $hostID; $pendingFogmacs | ForEach-Object { $pendingMac = $_; if ($usbMacs.mac -notcontains $pendingMac.mac) { "Mac $pendingMac is pending and is not usbmac" | Out-Host; if ($physicalMacs -contains $pendingMac) { "Mac $($pendingMac.mac) is attached to this device, approving" | Out-Host; Approve-FogPendingMac -macObject $pendingMac; } else { if ($pendingMac.hostID -eq $hostID) { "Mac $($pendingMac.mac) is not attached to this device, removing it from Fog" | Out-Host Deny-FogPendingMac -macObject $pendingMac; } } } else { "Mac $($pendingMac.mac) is a usbmac, removing it from Fog" | Out-Host Deny-FogPendingMac -macObject $pendingMac; } } $fogMacs = Get-FogMacAddresses; $physicalMacs | ForEach-Object { $mac = $_; $fogMac = $fogmacs | Where-Object mac -eq $mac; if ($null -eq $fogMac) { if ($mac -notin $usbMacs.mac) { "$mac doesn't exist in fog, adding it for the host" | Out-Host; try { Add-FogHostMac -hostID $hostID -macAddress $_ -forceUpdate; } catch { Write-Warning "secondary mac address $($_) failed to add to host" } } else { "Usb mac $mac is attached, remove usb mac after provisioning!" | out-host; } } else { $otherHost = Get-FogHost -hostid $fogmac.hostId "Mac address $mac is already assigned to or pending for a different host, $($otherhost.name)" | out-host; } }

Then I make sure I didn’t break the host on accident during that by unintentionally deleting all the macs

try { $hostObj = (Get-FogHost -hostName $ENV:COMPUTERNAME) if (!$hostObj) { throw "host not found by name, trying by active mac instead" } } catch { $mac = get-activeMacAddress; $hostObj = Get-FogHost -macAddr $mac; } if ($hostObj.pending -ne '0') { Write-Verbose "The host is pending or not explicitly set to not pending in fog, adjust host to be approved be setting pending to '0'"; try { Reset-HostEncryption -fogHost $hostObj; $hostObj.pending = "0"; $jsonData = $hostObj | Select-Object id,pending | ConvertTo-Json; Update-FogObject -type object -coreObject host -IDofObject $hostObj.id -jsonData $jsonData; Restart-Service FOGService; } catch { Write-Verbose "There was an issue resetting host encryption or when running set-fogou -force. Host id is $($hostObj.id)" } }

TL;DR

Take a look at the Fog API Powershell Module especially the Remove-USBMac function and the Deny-FogPendingMac function. You can also use the above example for a more robust solution. The above solution also assumes its being run from the host in question, you can also manage any host remotely through the api.