Question

Remove refresh token from user Keychain - Advice please

  • September 5, 2017

I need to be able to remove a token from a user's login keychain and seem to be having some trouble with the script in a test environment. Here is the script I'm using...

#!/bin/sh

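# User who owns the console, i.e. the currently logged-in user
loggedInUser=$( ls -l /dev/console | awk '{print $3}' )

# Options go before the keychain path: delete-generic-password [options] [keychain...]
security delete-generic-password -l "NetDocuments Refresh Token" "/Users/$loggedInUser/Library/Keychains/login.keychain"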

When I run the script via policy, it seems to work successfully the first time. I see the token removed from the keychain. I can recreate the token by signing into e-mail again, but when I flush the policy and run the token removal script again, the token isn't removed. The policy shows that it completed successfully, but the token isn't actually removed. I'm a little hesitant to deploy a policy if I can't get consistent results. Is there something I am doing wrong?
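One way to make the policy result reflect what is actually in the keychain, as an added example that is not part of the original post: it repeats the delete until a lookup no longer finds the label, and exits non-zero if the item is still there. The label and keychain path are taken from the script above; `SECURITY_BIN`, `MAX_PASSES`, `REMOVED` and `remove_labelled_items` are hypothetical names introduced for this sketch.

```shell
#!/bin/sh
# Added example: delete generic-password items by label, then verify the
# result so the policy fails when the item is still in the keychain.

# Path to the macOS security tool; the override is a hook for testing (assumption).
SECURITY_BIN="${SECURITY_BIN:-/usr/bin/security}"
MAX_PASSES=10   # upper bound on delete attempts, so the loop always ends

# remove_labelled_items LABEL KEYCHAIN
# Returns 0 when no item with LABEL remains, 1 when one is still present.
# Sets REMOVED to the number of successful deletions.
remove_labelled_items() {
    label=$1
    keychain=$2
    REMOVED=0
    # Options precede the keychain path on both subcommands.
    while "$SECURITY_BIN" find-generic-password -l "$label" "$keychain" >/dev/null 2>&1; do
        if [ "$REMOVED" -ge "$MAX_PASSES" ]; then
            break
        fi
        if ! "$SECURITY_BIN" delete-generic-password -l "$label" "$keychain" >/dev/null 2>&1; then
            break   # the item was found but the delete itself failed
        fi
        REMOVED=$((REMOVED + 1))
    done
    # Final lookup decides the result, whatever the delete calls reported.
    if "$SECURITY_BIN" find-generic-password -l "$label" "$keychain" >/dev/null 2>&1; then
        return 1
    fi
    return 0
}

# Only touch a keychain when running on macOS.
if [ "$(uname -s)" = "Darwin" ]; then
    loggedInUser=$( ls -l /dev/console | awk '{print $3}' )
    keychain="/Users/$loggedInUser/Library/Keychains/login.keychain"
    if remove_labelled_items "NetDocuments Refresh Token" "$keychain"; then
        echo "Removed $REMOVED item(s); none remain in $keychain"
    else
        echo "Item still present in $keychain after $REMOVED deletion(s)" >&2
        exit 1
    fi
fi
```

The message written to the policy log shows how many items were deleted on each run, which helps when comparing the first run with a later one.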