usage: jamf2snipe [-h] [-v] [--dryrun] [-d] [--do_not_verify_ssl] [-r]
[--no_search] [-u | -ui | -uf] [-m | -c]
optional arguments:
-h, --help show this help message and exit
-v, --verbose Sets the logging level to INFO and gives you a better
idea of what the script is doing.
--dryrun This checks your config and tries to contact both the
JAMFPro and Snipe-it instances, but exits before
updating or syncing any assets.
-d, --debug Sets logging to include additional DEBUG messages.
--do_not_update_jamf Does not update Jamf with the asset tags stored in
Snipe.
--do_not_verify_ssl Skips SSL verification for all requests. Helpful when
you use self-signed certificate.
-r, --ratelimited Puts a half second delay between Snipe IT API calls to
adhere to the standard 120/minute rate limit
-f, --force Updates the Snipe asset with information from Jamf
every time, despite what the timestamps indicate.
-u, --users Checks out the item to the current user in Jamf if
it's not already deployed
-ui, --users_inverse Checks out the item to the current user in Jamf if
it's already deployed
-uf, --users_force Checks out the item to the user specified in Jamf no
matter what
-uns, --users_no_search
Doesn't search for any users if the specified fields
in Jamf and Snipe don't match. (case insensitive)
-m, --mobiles Runs against the Jamf mobiles endpoint only.
-c, --computers Runs against the Jamf computers endpoint only.
This tool will sync assets between a JAMF Pro instance and a Snipe-IT instance. The tool searches for assets based on the serial number, not the existing asset tag. If assets exist in JAMF and are not in Snipe-IT, the tool will create an asset and try to match it with an existing Snipe model. This match is based on the Mac's model identifier (ex. MacBookAir7,1) being entered as the model number in Snipe, rather than the model name. If a matching model isn't found, it will create one.
When an asset is first created, it will fill out only the most basic information. When the asset already exists in your Snipe inventory, the tool will sync the information you specify in the settings.conf file and make sure that the asset_tag field in JAMF matches the asset tag in Snipe, where Snipe's info is considered the authority.
Because it determines whether JAMF or Snipe has the most recently updated record, there is the potential to have blank data in Jamf overwrite good data in Snipe (ex. purchase date).
Lastly, if the asset_tag field is blank in JAMF when it is being created in Snipe, then the tool will look for a 4 or more digit number in the computer name. If it fails to find one, it will use JAMFID-<jamfid#> as the asset tag in Snipe. This way, you can easily filter this out and run scripts against it to correct in the future.
- Python3 is installed on your system with the requests, json, time, and configparser python libs installed.
- Network access to both your JAMF and Snipe-IT environments.
- A JAMF username and password that has read & write permissions for computer assets.
- Computers: Read, Update
- Snipe API key for a user that has edit/create permissions for assets and models. Snipe-IT documentation instructions for creating API keys: https://snipe-it.readme.io/reference#generating-api-tokens
- Install Python 3.6 or later
- Grab the latest PKG installer from the Python website and run it.
- Add Python 3.6 or later to your PATH
- Run the
Update Shell Profile.command
script in the/Applications/Python 3.X
folder to addpython3.X
your PATH
- Create a virtualenv for jamf2snipe
- Create the virtualenv:
mkdir ~/.virtualenv
- Add
python3.X
to the virtualenv:python3.X -m venv ~/.virtualenv/jamf2snipe
- Activate the virtualenv:
source ~/.virtualenv/jamf2snipe/bin/activate
- Install dependencies
pip install -r /path/to/jamf2snipe/requirements.txt
- Configure settings.conf
- Run
python jamf2snipe
& profit
- Copy the files to your system (recommend installing to /opt/jamf2snipe/* ). Make sure you meet all the system requirements.
- Edit the settings.conf to match your current environment. The script will look for a valid settings.conf in /opt/jamf2snipe/settings.conf, /etc/jamf2snipe/settings.conf, or in the current folder (in that order): so either copy the file to one of those locations, or be sure that the user running the program is in the same folder as the settings.conf.
All of the settings that are listed in the settings.conf are required except for the api-mapping section. It's recommended that you install these files to /opt/jamf2snipe/ and run them from there. You will need valid subsets from JAMF's API to associate fields into Snipe.
Note: do not add ""
or ''
around any values.
[jamf]
url
: https://your_jamf_instance.com:portusername
: Jamf API user usernamepassword
: Jamf API user password
[snipe-it]
url
: http://your_snipe_instance.comapikey
: API key generated via these steps.manufacturer_id
: The manufacturer database field id for the Apple in your Snipe-IT instance.defaultStatus
: The status database field id to assign to any assets created in Snipe-IT from JAMF.
To get the database fields for Snipe-IT Custom Fields, go to Custom Fields, scroll down past Fieldsets to Custom Fields, click the column selection and button and select the unchecked 'DB Field' checkbox. Copy and paste the DB Field name for the Snipe under api-mapping in settings.conf.
To get the database fields for Jamf, refer to Jamf's "Classic" API documentation.
You need to set the manufacturer_id for Apple devices in the settings.conf file. To get this, go to Manufacturers, click the column selection button and select the ID
checkbox.
Some example API mappings can be found below:
- Computer Name:
name = general name
- MAC Address:
_snipeit_mac_address_1 = general mac_address
- IPv4 Address:
_snipeit_<your_IPv4_custom_field_id> = general ip_address
- Purchase Cost:
purchase_cost = purchasing purchase_price
- Purchase Date:
purchase_date = purchasing po_date
- OS Version:
_snipeit_<your_OS_version_custom_field_id> = hardware os_version
- Extension Attribute:
_snipe_it_<your_custom_field_id> = extension_attributes <attribute id from jamf>
More information can be found in the ./jamf2snipe file about associations and valid subsets.
It is always a good idea to create a test environment to ensure everything works as expected before running anything in production.
Because jamf2snipe
only ever writes the asset_tag for a matching serial number back to Jamf, testing with your production JAMF Pro is OK. However, this can overwrite good data in Snipe. You can spin up a Snipe instance in Docker pretty quickly (see the Snipe docs).
Thanks to all of the people that have already contributed to this project! If you have something you'd like to add please help by forking this project then creating a pull request to the devel
branch. When working on new features, please try to keep existing configs running in the same manner with no changes. When possible, open up an issue and reference it when you make your pull request.