Command will run locally, but not as Jamf script

jstine
Contributor

I'm trying to add the VPN icon to the menu bar. I've been trying to use this script:

defaults write com.apple.systemuiserver menuExtras -array-add "/System/Library/CoreServices/Menu Extras/vpn.menu"

killall SystemUIServer -HUP

I can type this into terminal and it works perfectly, however if I create it as a script in Jamf, it does not work.

Any ideas?

1 ACCEPTED SOLUTION

bentoms
Honored Contributor III
Honored Contributor III

@jstine, you can do this via MCX. You can then scope it to all computers macbook*

No scripting need & stops it duplicating.

View solution in original post

7 REPLIES 7

mm2270
Legendary Contributor II

Scripts run from Casper run as the root user. not the logged in user. Since you don't specify a property list location to modify, the command is trying to make the change for the root account. You have to get the logged in user information and then target their plist file.

loggedInUser=$(ls -l /dev/console | awk '{print $3}')

defaults write /Users/$loggedInUser/Library/Preferences/com.apple.systemuiserver menuExtras -array-add "/System/Library/CoreServices/Menu Extras/vpn.menu"

## Fix the permissions
chown "$loggedInUser" "/Users/$loggedInUser/Library/Preferences/com.apple.systemuiserver.plist"

killall SystemUIServer -HUP

jstine
Contributor

@mm2270 Thanks for the quick response! Unfortunately, It is still not working though. I tried running the killall SystemUIServer -HUP afterwards as a separate script and still nothing.

mm2270
Legendary Contributor II

You may be running into a sandboxing issue, especially if this is under Mavericks. Less so with older OSes, but still a possibility.

The other thing you can try, again, especially if doing this with Mavericks, is to kill cfprefsd before restarting SystemUIServer. Its possible Mavericks is simply pulling cached information in when SystemUIServer restarts, instead of the new settings from disk. Add this before the killall SystemUIServer line

killall cfprefsd

alex030cc
New Contributor II

Use the domain is the correct way. Better then writing it directly to the file. Try to run as root in user context with 'su - "${USERNAME}" -c "YOUR_COMMAND". Should work.

jstine
Contributor

@mm2270 Its working now, thank you for your help!! Only problem is that if the VPN icon was already there, there are now two appearing.

bentoms
Honored Contributor III
Honored Contributor III

@jstine, you can do this via MCX. You can then scope it to all computers macbook*

No scripting need & stops it duplicating.

jstine
Contributor

@bentoms that worked! thank you!