We don't have login enabled for Self Service, but, if I'm not mistaken its recorded in a line in the ~/Library/Logs/JAMF/JAMFApplications.log file.

Try this code, as it seems to pull my username from it. Hopefully it works the same for when you force logins to Self Service.

loggedInUser=$(stat -f%Su /dev/console)



selfServiceUser=$(grep "Loading webpage" /Users/${loggedInUser}/Library/Logs/JAMF/JAMFApplications.log | tail -1 | tr '&' '

' | awk -F= '/localUsername/{print $NF}')

Thanks Mike. Sadly, logging into Self Service does not record there.

I have a few scripts that local admins or desktop support can run via Self Service on an end users machine. I'd love to record who ran that script.

Try this

#!/bin/sh



loggedInUser=$(stat -f%Su /dev/console)



selfServiceUser=$(defaults read /Users/$loggedInUser/Library/Preferences/com.jamfsoftware.selfservice.plist LastLoggedInUser "")



echo $selfServiceUser

Hmm. OK, not sure then. I wonder why it records my username when I open Self Service with no login required, but not when login is required? Weird! I would ping JAMF on it maybe. I imagine it must be noted somewhere in some log on the system, no? If not, that sounds like something JAMF should add.

@millersc Looks like that works. Thank you!

@mm2270 It is just logging who was logged into the OS when you open Self Service?

It should say in the Policy logs of the machine who was logged into Self Service at the time of Policy Execution.

I just tested this with two separate user accounts...unless you're wanting to know outside of the policy logs...

Regards,
TJ

Doesn't $3 work for this?

As per, this article.

Note: When executed as a login or logout policy, the "$3" variable receives user information for the user logging in or out. When executed through Self Service, it receives the username of the account used to log into Self Service. Any other method of execution will fail to pass the correct user information.