Solved

Remove Current User as Admin

  • April 12, 2022
  • 6 replies
  • 44 views

  • New Contributor

Hi,

I want to remove the currently logged-in user as admin. I tried this command, but it does not seem to be working.

#!/bin/bash

/usr/sbin/dseditgroup -o edit -d "$currentUser" -t user admin

Can anyone help me with this?

Thank you


MacJunior
  • Valued Contributor
  • Answer
  • April 12, 2022

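#!/bin/sh

# The owner of /dev/console is the user logged in at the GUI
loggedInUser=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }')

# Remove that user from the local admin group
dseditgroup -o edit -d "$loggedInUser" -t user admin
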

Give it a shot


rabbitt
  • Valued Contributor
  • April 12, 2022

It's also possible the admin user is the only administrator account on the machine that has a FileVault securetoken.  macOS restricts you from deleting that user even if there's some other mechanism to hand out securetokens to users like a valid bootstrap token being stored in the MDM server or Jamf Connect installed to make more user accounts.

You'd need to elevate another user temporarily to an admin account, delete the user, and then demote the temporary admin...


  • Author
  • New Contributor
  • April 13, 2022

> #!/bin/sh
>
> loggedInUser=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }')
>
> dseditgroup -o edit -d $loggedInUser -t user admin
>
> Give it a shot

Unfortunately, it does not work.


  • Author
  • New Contributor
  • April 13, 2022

> It's also possible the admin user is the only administrator account on the machine that has a FileVault securetoken. macOS restricts you from deleting that user even if there's some other mechanism to hand out securetokens to users like a valid bootstrap token being stored in the MDM server or Jamf Connect installed to make more user accounts.
>
> You'd need to elevate another user temporarily to an admin account, delete the user, and then demote the temporary admin...

The Macs have another admin account, which is why I want to revoke the other one (the current login user).

I managed to find this command, but I can't whitelist the admin account by username, since different sets of Macs have different admin usernames.


MacJunior
  • Valued Contributor
  • April 13, 2022

> unfortunately it does not work

I tried it on a test machine and it works! What does it say in the logs of that policy?


  • Author
  • New Contributor
  • April 18, 2022

> I tried it on a test machine and it works !! what does it say in the logs of that policy?

I recreated the script and policy, and it works now. Thank you.
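
An added example, not part of any post in this thread: a guard around the accepted dseditgroup call that counts the admins who would remain instead of whitelisting them by name, which covers both the sole-admin concern and the differing admin usernames raised above. The function name `demote_decision` and the `apply` switch in `$4` (Jamf passes custom script parameters from `$4` onward) are assumptions, and only direct members of the local admin group are counted.

```shell
#!/bin/sh
# Added example, not from the thread. demote_decision and the "apply"
# switch are hypothetical names chosen for this sketch.

# Decide what to do with the console user, given the space-separated
# short names in the local admin group. Prints one of:
#   skip-nouser | skip-notadmin | skip-lastadmin | demote
demote_decision() {
    user=$1
    members=$2
    case "$user" in
        ""|root|loginwindow|_mbsetupuser)
            # Nobody is logged in at the GUI, or a system account owns the console
            echo skip-nouser
            return 0
            ;;
    esac
    is_member=no
    others=0
    for m in $members; do
        if [ "$m" = "$user" ]; then
            is_member=yes
        elif [ "$m" != root ]; then
            others=$((others + 1))   # another admin that will remain
        fi
    done
    if [ "$is_member" = no ]; then
        echo skip-notadmin
    elif [ "$others" -eq 0 ]; then
        echo skip-lastadmin          # never strip the only remaining admin
    else
        echo demote
    fi
}

# Only touch the machine when the fourth parameter is "apply" (assumed switch).
if [ "${4:-}" = "apply" ]; then
    console_user=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }')
    # Direct members only; nested-group membership is not expanded here.
    admin_members=$(/usr/bin/dscl . -read /Groups/admin GroupMembership | /usr/bin/cut -d: -f2-)
    decision=$(demote_decision "$console_user" "$admin_members")
    echo "console user: ${console_user:-none}; decision: $decision"
    if [ "$decision" = demote ]; then
        /usr/sbin/dseditgroup -o edit -d "$console_user" -t user admin
    fi
fi
```

Run without the switch, the script only defines the function and changes nothing; the echoed decision line ends up in the policy log when it is run with `apply`.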