Posted on 01-25-2024 05:21 AM
I've been using a script I found on Jamf nation to remove student profiles. I've been using it for over year and never had issues until recently. What's strange is it works fine on some devices (Ventura and sonoma), but on some devices it doesn't work at all. The problem devices do not have file vault enabled. They are all supervised and managed.
Here's what I'm using
#!/bin/bash
# Get a list of all user accounts
user_list=$(dscl . -list /Users | grep -v '^_')
# Specify the admin account(s) that you want to exclude
excluded_users=("root" "account1" "account2" "account3" "account4" "account4" "account5")
# Loop through the user list and delete user profiles except admin accounts
for user in $user_list; do
if [[ ! " ${excluded_users[@]} " =~ " ${user} " ]]; then
if [[ "$user" != "Shared" ]]; then # Exclude 'Shared' user
echo "Deleting user profile for: $user"
sudo dscl . -delete "/Users/$user"
sudo rm -rf "/Users/$user"
fi
fi
done
This is the error message in the logs:
Script result: Deleting user profile for: first.lastname
<main> delete status: eDSPermissionError <dscl_cmd> DS Error: -14120 (eDSPermissionError)
Posted on 01-25-2024 08:16 AM
add set -x to script.. see where DSCL is having a problem with what account..
#!/bin/bash
set -x
..rest of script here...
Posted on 01-28-2024 04:33 PM
this is what I got with set -x.. I'm wondering if it's not deleting accounts because it says shared. But it still works on some device.