We're trying to determine if users have FileVault enabled for their
machines. What the catch is, we want to make sure that FileVault is
enabled on the primary users machine. Not all accounts, but the
primary user account, excluding our IT admin accounts on the box.
I built a shell script that looks for the top user of the machine,
then users the top user's short name to run dscl and then grep for
sparsebundle. If the line in dscl for that user has sparsebundle in
the output, the user is using FileVault. If sparsebundle does not come
out of the script, they don't have it.
The script I wrote for an extension attribute is below. This is what
I'm using to try and determine if the main user is using FV:
#!/bin/sh
who=`last | grep console | cut -f 1 -d ' ' | sort | uniq -c | sort -nr
| head -1 | awk '{print $2}'`
fv_user=dscl . -read /Users/"$who" | grep sparsebundle | awk '{print $1}'
if [ "$fv_user" == "HomeDirectory:" ]; then
echo "<result>Yes</result>"
else
echo "<result>No</result>"
fi
Have a look over it if you can and let me know if you can help. Thanks.
David