Skip to main content

I have a script that removes admin rights, which I run as part of a policy. However, it seems to fail about 1/2 the time (and works fine the other half).

Executing Policy Remove Admin Running script Remove Admin... Script exit code: 64 Script result: Group not found. Error running script: return code was 64. Running Recon... . . .
#!/bin/bash
UserList=$( dscl . list /Users UniqueID | awk '$2 >= 501 {print $1}' | grep -v admin1 | grep -v admin2 )

for USER in "$UserList"; do
/usr/sbin/dseditgroup -o edit -d $USER -t user admin
done

Any theories on why?

I'm not as qualified with Bash as others, but I tend to run this command to convert output from commands like dscl into arrays before running the for loop. Perhaps the failure has to do with when UserList contains multiple entries?

UserListArr=($UserList)
Terms & ConditionsCookie settingsAccessibility statement