Help

create a smart group based on User Account Type?

walt
Contributor III

Posted on β€Ž08-26-2020 02:02 PM

I'm trying to determine which computers have a Mobile LDAP account that are Jamf enrolled. For example in a Computer's inventory record under Local User Accounts it has the UID, Account Type, Admin Yes/No.

Is there any way to pull the Type: Mobile LDAP into a smart group or some sort of reporting?

0 Kudos
1 REPLY 1

dan-snelson
Valued Contributor II

Posted on β€Ž08-26-2020 07:06 PM

@walt The following Extension Attribute code may prove helpful:

#!/bin/sh

loggedInUser=$(stat -f%Su /dev/console)

if [[ $( /usr/bin/dscl . read /Users/${loggedInUser} OriginalAuthenticationAuthority 2>/dev/null) ]]; then
    echo "<result>$loggedInUser is an Active Directory Mobile account</result>"
else
    echo "<result>$loggedInUser is a Local Directory account</result>"
fi

exit 0

--
Dan
0 Kudos
Jamf helps organizations succeed with Apple. By enabling IT to empower end users, we bring the legendary Apple experience to businesses, education and government organizations. Learn about Jamf.