Question

Finding if accounts are admin

  • November 9, 2011

rob_potvin

Hey one more quick question. On our rollout we had a bit of a wireless blip and it seems that some machines didn't run the user startup script so I have a couple of kids out there that are local admins.

I was wondering if it's possible (of course it's possible) to create an extension attribute that would give you a list of admin users that have a UID over 500 and are part of the admin group, and then create a smart list based on the finding so you can then run a policy to remove them.

Thanks

Rob

3 replies

  • Contributor
  • November 9, 2011

This will do the EA for you.

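#!/bin/bash

# Collect local accounts with a UID above 500 that are members of the admin group.
list=()

for username in $(dscl . list /Users UniqueID | awk '$2 > 500 { print $1 }'); do
    # dsmemberutil's answer contains "not" when the user is not a member.
    if [[ $(dsmemberutil checkmembership -U "${username}" -G admin) != *not* ]]; then
        list+=("${username}")
    fi
done

# Extension attribute output: usernames separated by spaces inside <result> tags.
printf "%s " "<result>${list[@]}</result>"
echo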

You probably don't need that echo at the end for actually getting the EA
into Casper. It is just in there for getting your prompt back on its own
line when running from the command line.

Ryan M. Manly
Glenbrook High Schools


  • Contributor
  • November 9, 2011

Great little piece of code. You can just use "echo" in place of printf and skip the "%s " unless you want that trailing space.

echo "<result>${list[@]}</result>"

Walter
--
Walter Rowe, System Hosting
Enterprise Systems / OISM
walter.rowe at nist.gov
301-975-2885


  • Contributor
  • November 10, 2011

Good point!

I was trying to force the space between multiple usernames when I didn't
need to. :)

Ryan M. Manly
Glenbrook High Schools
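
The question also asks for a policy to remove the stray admins once the smart list exists. A sketch of such a policy script follows, as an added example that is not part of the original thread; the `KEEP_ADMINS` allowlist and the `DRY_RUN` switch are hypothetical names introduced here, and it acts only on `dsmemberutil`'s positive "is a member" answer so a lookup error never leads to a demotion.

```bash
#!/bin/bash
# Added example (not from the thread): remove leftover local admins found by the EA logic.
# KEEP_ADMINS and DRY_RUN are hypothetical settings introduced for this sketch.
KEEP_ADMINS="${KEEP_ADMINS:-localadmin}"   # space-separated accounts that must stay admin
DRY_RUN="${DRY_RUN:-1}"                    # 1 = only report, 0 = actually change the group

# True if $1 is on the allowlist.
is_kept() {
    case " $KEEP_ADMINS " in
        *" $1 "*) return 0 ;;
    esac
    return 1
}

# True only on a positive answer; errors and "is not a member" both count as no.
is_admin() {
    case "$(dsmemberutil checkmembership -U "$1" -G admin 2>/dev/null)" in
        *"is a member"*) return 0 ;;
    esac
    return 1
}

# Reads "name uid" lines (the format of `dscl . list /Users UniqueID`) on stdin and
# prints each username that has UID > 500, is an admin, and is not allowlisted.
admins_to_demote() {
    awk '$2 > 500 { print $1 }' | while read -r user; do
        if ! is_kept "$user" && is_admin "$user"; then
            printf '%s\n' "$user"
        fi
    done
}

# Remove one user from the admin group, or just report it in dry-run mode.
demote() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "would remove $1 from admin"
    else
        dseditgroup -o edit -d "$1" -t user admin   # needs root
    fi
}

# Only act where the directory tools exist (i.e. on a Mac).
if command -v dscl >/dev/null 2>&1; then
    dscl . list /Users UniqueID | admins_to_demote | while read -r user; do
        demote "$user"
    done
fi
```

Run it with the default `DRY_RUN=1` first and compare the reported names against the smart list before setting `DRY_RUN=0`.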