Posted on 05-20-2014 02:41 AM
Hi, I have recently employed the following script to collect user info via AD, a script posted on these forums.
#!/bin/sh
loggedInUser=/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'
accountType=dscl . -read /Users/$loggedInUser | ?grep UniqueID | cut -c 11-
if (( "$accountType" > 1000 )); then
userRealname=dscl . -read /Users/$loggedInUser | awk '/^dsAttrTypeNative:original_realname:/,/^dsAttrTypeNative:original_shell:/' | head -2 | tail -1 |cut -c 2-
userEmail=dscl . -read /Users/$loggedInUser | grep EMailAddress: | cut -c 15-
userPosition=dscl . -read /Users/$loggedInUser | grep JobTitle: | cut -c 11-
if [[ -z $userPosition ]]; then
userPosition=dscl . -read /Users/$loggedInUser | awk '/^JobTitle:/,/^JPEGPhoto:/' | head -2 | tail -1 | cut -c 2-
fi
userPhone=dscl . -read /Users/$loggedInUser | grep -A 1 PhoneNumber: | tail -1 | cut -c 2-
userDepartment=dscl . -read /Users/$loggedInUser | grep "Company:" | cut -c 10-
if [[ -z $userDepartment ]]; then
userDepartment=dscl . -read /Users/$loggedInUser | awk '/^Company:/,/^CopyTimestamp:/' | head -2 | tail -1 | cut -c 2-
fi
if [[ $userDepartment == *entland* ]]; then
userDepartment=dscl . -read /Users/$loggedInUser | grep "Department:" | cut -c 12-
if [[ -z $userDepartment ]]; then
userDepartment=dscl . -read /Users/$loggedInUser | awk '/^Department:/,/^EMailAddress:/' | head -2 | tail -1 | cut -c 2-
fi
fi
echo "Submitting information for network account $loggedInUser..."
jamf recon -endUsername "$loggedInUser" -realname "$userRealname" -email "$userEmail" -position "$userPosition" -phone "$userPhone" -department "$userDepartment"
else
echo "Submitting information for local account $loggedInUser..."
userPosition="Local Account"
jamf recon -endUsername "$loggedInUser" -position "$userPosition"
fi
Now, It's all good, apart from the EMail address field.
It seems it's populating this from the 'Account > "user logon name" as opposed to "general > E-Mail field.
any ideas ??? Anyone??
Solved! Go to Solution.
Posted on 05-20-2014 03:24 AM
Hi @kerouak,
I recognise that script. :)
I'd advise double checking the records attributed via Directory Utility or something http://macmule.com/2014/05/03/how-to-use-directory-utility-to-view-an-ad-objects-attributes/
Also, is your AD fairly "clean." If so, I'd advise moving from my script to using the built in method: http://macmule.com/2014/05/04/submit-user-information-from-ad-into-the-jss-at-login-v2/
Posted on 05-20-2014 03:24 AM
Hi @kerouak,
I recognise that script. :)
I'd advise double checking the records attributed via Directory Utility or something http://macmule.com/2014/05/03/how-to-use-directory-utility-to-view-an-ad-objects-attributes/
Also, is your AD fairly "clean." If so, I'd advise moving from my script to using the built in method: http://macmule.com/2014/05/04/submit-user-information-from-ad-into-the-jss-at-login-v2/
Posted on 05-20-2014 06:11 AM
cheers!1 I found the issue..
I had to change the LDap fields on the JSS and ran again successfully.
Cheers!
Posted on 05-20-2014 04:09 PM
You may find this runs more efficiently
#!/bin/bash
loggedInUser=`stat -f%Su /dev/console`
accountType=`stat -f%u /dev/console`
plistbuddy="/usr/libexec/PlistBuddy"
tempFile="/tmp/dscl.plist"
if [ $accountType -gt 1000 ]
then
dscl -plist . read /Users/$loggedInUser EMailAddress JobTitle RealName PhoneNumber department > $tempFile
userRealname=`$plistbuddy -c "Print dsAttrTypeStandard:RealName:0" $tempFile`
userEmail=`$plistbuddy -c "Print dsAttrTypeStandard:EMailAddress:0" $tempFile`
userPosition=`$plistbuddy -c "Print dsAttrTypeStandard:JobTitle:0" $tempFile`
userPhone=`$plistbuddy -c "Print dsAttrTypeStandard:PhoneNumber:0" $tempFile`
userDepartment=`$plistbuddy -c "Print dsAttrTypeNative:department:0" $tempFile`
echo "Submitting information for network account $loggedInUser..."
jamf recon -endUsername "$loggedInUser" -realname "$userRealname" -email "$userEmail" -position "$userPosition" -phone "$userPhone" -department "$userDepartment"
rm $tempFile
else
echo "Submitting information for local account $loggedInUser..."
jamf recon -endUsername "$loggedInUser" -position "Local Account"
fi
exit 0