+5Hi all,
So we are using the MakeMeAnAdmin script for almost 3 years without a hitch.
Now we are having the first macoS 12.3.1 devices and the MakeMeAnAdmin script does not work anymore. On older macOS versions everything works fine.
Anyone else experiencing this issue?
Best answer by stevewood
There is a shell script version of the Make Me Admin script available here:
https://github.com/jamf/MakeMeAnAdmin
It behaves very similar to the python version.
+8I've just tested on 12.3.1 and an M1 Mac. Not working for me either. I get the notification to say I have been granted admin rights, but shows as standard user even after a reboot.
I think this is due to the use of a Python script. Python 2has been removed from 12.3
+11if a script ran up to 12.3 and no longer runs under 12.3.1, it really smells a lot like the well-known python problem ;-)
+8if a script ran up to 12.3 and no longer runs under 12.3.1, it really smells a lot like the well-known python problem ;-)
Apple say they removed Python from 12.3, from what I have read.
+11Apple say they removed Python from 12.3, from what I have read.
yes that's right, until now python 2.7 was installed - but if you install python 3 now, you don't make sure that the scripts will run again, they still have to be adjusted.
+35There is a shell script version of the Make Me Admin script available here:
https://github.com/jamf/MakeMeAnAdmin
It behaves very similar to the python version.
+3i'm facing the same problem like @ stevewood.
@stevewood i have a Question: the daemon doesn't survive a reboot right? but after reboot it triggers the daemon an do following:
if [[ -f /private/var/userToRemove/user ]]; then userToRemove=$(cat /private/var/userToRemove/user) echo "Removing $userToRemove's admin privileges" /usr/sbin/dseditgroup -o edit -d $userToRemove -t user admin rm -f /private/var/userToRemove/user launchctl unload /Library/LaunchDaemons/removeAdmin.plist rm /Library/LaunchDaemons/removeAdmin.plist log collect --last 30m --output /private/var/userToRemove/$userToRemove.logarchive fi EOF
my Problem command rm /Library/LaunchDaemons/removeAdmin.plist doesn't get executed after reboot, do you know why? it hangs and every command after it doesn't be executed.
+35i'm facing the same problem like @ stevewood.
@stevewood i have a Question: the daemon doesn't survive a reboot right? but after reboot it triggers the daemon an do following:
if [[ -f /private/var/userToRemove/user ]]; then userToRemove=$(cat /private/var/userToRemove/user) echo "Removing $userToRemove's admin privileges" /usr/sbin/dseditgroup -o edit -d $userToRemove -t user admin rm -f /private/var/userToRemove/user launchctl unload /Library/LaunchDaemons/removeAdmin.plist rm /Library/LaunchDaemons/removeAdmin.plist log collect --last 30m --output /private/var/userToRemove/$userToRemove.logarchive fi EOF
my Problem command rm /Library/LaunchDaemons/removeAdmin.plist doesn't get executed after reboot, do you know why? it hangs and every command after it doesn't be executed.
If the LaunchDaemon has not run prior to a reboot it should still survive a reboot. The LaunchDaemon would reload on restart and the timer would be restarted. Meaning if a user were to elevate and restart the computer, the timer for demoting them would restart as well. If you had a timer of say 5 minutes and the user restarted at the 4 minute mark, then the user could theoretically get another 5 minutes of admin rights.
+1Hello everyone, how you're managing this on Sonoma/Sequoia? I couldn't make this script to work for me either.
Thanks
+5I am seeing an issues in 15.2. The user does not have sudo privileges after running the script. Works on my 15.1.1 machine.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.