Early on we decided to use JAMF to track our PC's as well manage our MacOS and iOS devices. We continued using recon.exe after it was deprecated, but as the writing was on the wall (and the release notes), another solution would be needed. I leveraged the experience I gained from writing Tugboat and Cargo Ship to develop Recce, a recon.exe replacement.
Recce duplicates much of the original recon.exe binary and uses JAMF's REST API to upload the inventory information. Using JAMF's API is a safe and reliable way to read and write data to your JAMF instance.
You can learn how to pronounce "recce" and learn more about the project here.
- Download
- Contact
- System Requirements
- Install
- Uninstall
- Purpose
- Usage
- Rebuilding the Windows application
- Program organization
- How can you help?
- Update History
Download the latest package here!
If you have any comments, questions, bug reports, pull requests or other input, either file an issue or send us an email. Thanks!
These requirements only apply if you're attempting to execute the raw source code. The provided binary doesn't require the following to be present:
The repository contains a precompiled version of Recce.
Simply delete the executable and the configuration file.
Recce was originally meant to replace the features provided by the deprecated recon.exe Windows application provided by JAMF. However, it became clear during development that Recce could become a framework for adding unmanaged machines of other operating systems as well.
For our purposes, we decided not to duplicate the entire spectrum of information that recon.exe gathers. We're ignoring the categories that were particularly time-consuming to collate or that we are tracking though other methods. These areas include:
- Fonts
- Users
- Applications
In addition, this release only supports Windows. If enough interest exists and time allows, modules for other operating systems may be added in the future. Also, the code is written in such a way that would allow a third party to create or modify an OS module easily.
The compiled version of Recce can be used like any other binary, as part of a scheduled job, for example. It can be used in the Windows GUI as a double-clickable application, where a shell window is opened on launch, or executed directly from a command shell.
When Recce is launched it will look for its configuration file. If it finds it in the same directory, it will create the log file in the same directory. If it finds the configuration file in the OS-specific location, the log file will be created in an OS-specific location as well.
Here is a chart to help you locate the files:
| Operating System | Configuration file location | Log file location |
|---|---|---|
| Windows | C:\ProgramData\edu.scl.utah.recce\edu.scl.utah.recce.ini |
C:\Users\[username]\AppData\Local\Temp |
Recce, being a command line tool, provides a number of flags that can be used to modify it's behavior.
| flag | description |
|---|---|
-s, --system_specific |
Instead of creating a new configuration file in the same directory as the Recce binary, place it in an OS appropriate location. |
-m, --manual_login |
Overriding any existing configuration file, ask for username, password, JAMF hostname and Slack info. |
-q, --quit_config |
If a configuration file can't be located, exit the script without attempting to connect to a JAMF server. |
The configuration file, edu.scl.utah.recce.ini, allows Recce to run without user input. The file will be created automatically the first time the tool is successfully used to communicate with a JAMF server. When the file is created the users password is written in base64 format. This is only enough to keep a casual observer from finding the password for the user. Care should therefore be taken with allowing uncontrolled access to the config file.
The file will look similar to the following:
[login]
hosts = https://your.jamf.server:8443
username = your_recce_user
access = <strong_password_here>
[slack]
slack_info_url = https://hooks.slack.com/services/your/slack/channel
If you have provided a Slack channel in the configuration file, Recce will send informative reports. These reports include New and Updated machine records, the JAMF id number for the machine and a URL to the machine.
Here is an example of Recce messages in Slack, it shows a new computer being added and an updating computer:
While this may be a peculiarity unique to our environment, I suspect other sites may experience the joy of motherboards sharing duplicated values. These may simply be blank serial numbers, or the scourge of duplicated UUID's. If Recce attempts to write values to the JSS and a duplicated value is detected preventing the write from completing, Recce will reformat the value so it can be easily found on the JSS and will be a unique value.
Here is a sample duplicate value message. The duplicate value is show in brackets (To be filled by O.E.M.), it is followed by the category of the value and a random value.
[To be filled by O.E.M.] duplicate serial [3fc1e4]
Slack will display the following text when it has detected duplicate values:
The log file created by Recce is quite verbose. However, I feel that with a log file in hand, one can easily follow the logic of the program. If you find Recce isn't completing properly on a machine, please file a bug report and include the entire log file.
This chart shows the required privileges for the Recce user to operate properly:
| Field | Create | Read | Update | Delete | Notes |
|---|---|---|---|---|---|
| Accounts and Groups | ☑ | Needed for login functionality | |||
| Computers | ☑ | ☑ | ☑ | ||
| LDAP Servers | ☑ | Needed for login functionality | |||
| Users | ☑ | ☑ | ☑ |
If you need to make changes to the source code of Recce, building an executable version requires the Pyinstaller package to be installed. Having an executable version eliminates the need to have Python installed on your clients. This is the pyinstaller command I use to build recce.exe:
pyinstaller --onefile --version-file file_version_info_recce.txt recce.py
The source code for Recce is divided into multiple modules, in order to avoid duplications and maintain efficient organization.
Handles launching of the script, OS detection, log file creation and flow control.
Handles the interaction with the JSS to confirm user credentials and privileges to make changes as required by Recce.
Handles the gathering and formatting of hardware, disk and networking information of machines running Microsoft Windows. Windows 7 and 10 have been tested, others may be supported. Most of this info is gathered through the wmic command
I'm glad you asked!
I wrote Recce with the idea that other OS's could be supported using a similar methodology as the windows_computer.py module. I've provided data structures and supporting methods to handle most of the information handling and uploading. The non-trivial gathering of that data (disks, hardware, networking, etc.) is left to the user. However, if we get enough requests, I may consider adding additional OS support.
The user password is minimally obfuscated. Pull requests offering additional safeguards are requested.
| Date | Version | Notes |
|---|---|---|
| 2019.07.16 | 1.0 | Initial release. |
| 2019.07.22 | 1.0.1 | Adjusted server url handling. |
| 2020.01.17 | 1.0.2 | Adjusted jamfcloud handling. |