Got it figured out, I wasn't running the preferences writes under the context of the user.... Here is the updated script if anybody is interested...

#!/bin/bash



AD_domain="mydomain.com"



user=`ls -la /dev/console | cut -d " " -f 4`





# Write default AD domain

sudo -u $user defaults write com.trusourcelabs.NoMAD ADDomain "$AD_domain"

sudo -u $user defaults write com.trusourcelabs.NoMAD UseKeychain -bool "true"

sudo -u $user defaults write com.trusourcelabs.NoMAD LocalPasswordSync -bool "true"

sudo -u $user defaults write com.trusourcelabs.NoMAD SignInWindowOnLaunch -bool "true"

sudo -u $user defaults write com.trusourcelabs.NoMAD UPCAlert -bool "true"





#Add to login items

osascript -e 'tell application "System Events" to make login item at end with properties {path:"/Applications/NoMAD.app", hidden:false}' 







exit 0

You should consider moving to a User Level Configuration Profile for this, rather than defaults write commands. But I guess whatever works. The only reason for the preference of a profile, besides the fact that it's easier to manage going forward, is that if a user should end up deleting preferences from their ~/Library/Preferences/ folder and they remove that one, NoMAD will end up reverting to a default state, which will be rather confusing to someone already used to the configured mode.

Also, there is a prebuilt pkg at https://nomad.menu/support/ that will install a LaunchAgent to both open NoMAD on login and also keep NoMAD running for any user on the machine. So you don't need to add it to the user's login items with a script (which can also be removed by the user later)