Extension attribute for reading preferences

Question

Hi there,
I've been trying to get an extension attribute read to push the the following changes using a policy:
/usr/bin/security authorizationdb write system.preferences.network allow
/usr/bin/security authorizationdb write system.services.systemconfiguration.network allow
/usr/bin/security authorizationdb write com.apple.wifi allow
For example how would I read 'system.preferences.network' and report if it is not in 'allow' state? This is to scope a policy that will push the above to devices reporting 'system.preferences.network' to not be in 'allow' state.

mm2270 · Answer

For starters, change write to read./usr/bin/security authorizationdb read system.preferences.networkDrop the allow from the first command when reading back the preferences. There will need to be some additional scripting to read back the values. You could also send the results out to a plist file for easier parsing./usr/bin/security -q authorizationdb read system.preferences.network > /tmp/system.preferences.network.plistNote the addition of -q to the security command (quiet), which suppresses some output that doesn't belong in a plist file. Then you can easily read back the settings using defaults./usr/bin/defaults read /tmp/system.preferences.network.plistFrom there, use grep or something to see if the setting you're interested in is present in the plist. If it's there in the plist, then the setting is applied to that preference.

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded