Help

Can't remove student profiles via script: delete status: eDSPermissionError <dscl_cmd> DS Error

braillle
New Contributor III

Posted on ‎01-25-2024 05:21 AM

I've been using a script I found on Jamf nation to remove student profiles. I've been using it for over year and never had issues until recently. What's strange is it works fine on some devices (Ventura and sonoma), but on some devices it doesn't work at all. The problem devices do not have file vault enabled. They are all supervised and managed.

Here's what I'm using

#!/bin/bash

# Get a list of all user accounts
user_list=$(dscl . -list /Users | grep -v '^_')


# Specify the admin account(s) that you want to exclude
excluded_users=("root" "account1" "account2" "account3" "account4" "account4" "account5")

 # Loop through the user list and delete user profiles except admin accounts
for user in $user_list; do
    if [[ ! " ${excluded_users[@]} " =~ " ${user} " ]]; then
        if [[ "$user" != "Shared" ]]; then  # Exclude 'Shared' user
            echo "Deleting user profile for: $user"
            sudo dscl . -delete "/Users/$user"
            sudo rm -rf "/Users/$user"
        fi
    fi
done

 

This is the error message in the logs:

Script result: Deleting user profile for: first.lastname
<main> delete status: eDSPermissionError <dscl_cmd> DS Error: -14120 (eDSPermissionError)

0 Kudos
2 REPLIES 2

jamf-42
Valued Contributor II

Posted on ‎01-25-2024 08:16 AM

add set -x to script.. see where DSCL is having a problem with what account.. 

#!/bin/bash
set -x

..rest of script here...

 

0 Kudos

braillle
New Contributor III
In response to jamf-42

Posted on ‎01-28-2024 04:33 PM

this is what I got with set -x.. I'm wondering if it's not deleting accounts because it says shared. But it still works on some device.

 

set_x.png

0 Kudos