Jamf Nation Community

MTFIDjamf · ‎08-05-2015

Still very new to Casper and the scripting aspects of getting everything to work. I am working on a new Yosemite base and the setup that follows. Right now, I am stuck on setting up the Dock. Have read many posts here on this, not sure if all apply to Yosemite due to the age of some.

I have put DockUtil into play here and received some positive results so far. I have created a basic script and ran it through SelfService, it works. Next will be to test in a fresh build scenario.

Script:

#!/bin/bash

# Calling previously installed DockUtil 2.0.2 app to remove OSX dock icons and add required dock icons.
# v1.0

DOCKUTIL=/usr/local/bin/dockutil

$DOCKUTIL --remove all --no-restart

sleep 10

$DOCKUTIL --add '/Applications/Launchpad.app' --no-restart

$DOCKUTIL --add '/Applications/Calculator.app' --no-restart

$DOCKUTIL --add '/Applications/Safari.app' --no-restart

$DOCKUTIL --add '/Applications/Self Service.app' --no-restart

$DOCKUTIL --add '/Applications' --no-restart

$DOCKUTIL --add '/Applications/System Preferences.app' --no-restart

killall cfprefsd

killall Dock

exit 0

My real question here is how do I make sure that this default setup is the Dock that every user that ever logs into the device will get at first? These logged in users will be Active Directory users.

After first login the users can change or modify the dock as they see fit, we don't care, but the first login must be universally the same and any changes they make after that must remain in place under their profile. Cannot use something that runs at login and reverts to default, unfortunately.

Does anyone out there have some sort of script that would do this and can post it here for reference or help?

Thank you.

perrycj · ‎08-05-2015

I think you are just looking for a launchagent. You can implant your dockutil script and launchagent at imaging time to a custom folder ( i.e., /Library/yourcompanyname) or a folder that already exists, via a package, have a launchagent call it when someone logs in and it will run. You can set the launchagent to only run once so it doesn't happen each time they log in. They will be able to edit the dock how they see fit afterwards. Hope this helps.

ShaunRMiller83 · ‎08-05-2015

How I do my initial dock setting is on an "Admin" system prepare the dock how I want it to look for all users. I then move the com.Apple.Dock.Plist from "~/Library/Preferences" into "/System/Library/User Template/English.lproj/Library/Preferences/com.apple.dock.plist." (I know Casper can add it to the user templates for me but this is just how I do it out of habit.)

Then I just open Casper Composer and add the com.apple.dock.plist from the User Template folder I adjust the permissions, create a DMG, add the DMG to Casper Admin, and add the DMG to my config or policy.

This is for my initial dock settings and if any customizations need to be after the initial machine setup going forward I use DockUtil to push updates.

MTFIDjamf · ‎08-05-2015

@perrycj Thank you for the reply. That would be something that I have never looked into or touched before. Do you (or anyone out there) have an example that I could look at/reference? Perhaps something ideally along these very lines.

MTFIDjamf · ‎08-05-2015

@ShaunM9483 Thanks for the info. I will give this a try as well. So, as for updates down the line, you merely write up a script calling DockUtil and simply have it adding one new icon to the dock? I am guessing via a policy push in Casper aimed at all machines at check-in/login, etc...

ShaunRMiller83 · ‎08-05-2015

Correct, I've found this way to be the most reliable. This sets the dock to a "gold state" at the time of "thin image" for a user but doesn't lock the dock items down so users have flexibility to add or remove items within their profile.

perrycj · ‎08-05-2015

Sure. You can make your own launchagents/daemons using Lingon or Launchcontrol.

Both are fairly easy to use. A launchagent is essentially a .plist file that lives in the /Library/LaunchAgents directory on a mac. Launchagents are user level and LaunchDaemons are root level. I'll put an example of what I use as a launchagent for my dockutil setup:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.yourcompany.dockutil</string>
    <key>LaunchOnlyOnce</key>
    <true/>
    <key>ProgramArguments</key>
    <array>
        <string>/bin/sh</string>
        <string>/Library/yourfolder/yourdockutilscript.sh</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

Obviously change the generic values for your environment but that should get you on your way.

MTFIDjamf · ‎08-06-2015

@ShaunM9483 Thank you for the followup, I am going to test this and let you know how it works out.

Two options to do this are better than one.

@perrycj I have tried as you said, my launchagent is below. It is not working for me. The dock script is in place at the location noted, same script as called in my original post. One DMG drops the script into the location, the next DMG drops the plist file into the Library/LaunchAgents location during the build. I have logged in with three different user accounts, one local; two domain.
Any ideas? Does this look right? Am i missing something?
Appreciate the help.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.mycompany.notation.Yosemite_Dock_Fix_R1</string>
    <key>LaunchOnlyOnce</key>
    <true/>
    <key>ProgramArguments</key>
    <array>
        <string>/bin/sh</string>
        <string>/Library/Application Support/mycompany/Set_Yosemite_Dock_Icons_R1.sh</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

perrycj · ‎08-06-2015

It looks ok but how did you make the launchagent?

ShaunRMiller83 · ‎08-06-2015

I recreated the same launch agent in Lingon X below was my result... It looks pretty similar but give this a try.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Disabled</key>
    <false/>
    <key>EnvironmentVariables</key>
    <dict>
        <key>PATH</key>
        <string>/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/git/bin:/usr/local/sbin</string>
    </dict>
    <key>Label</key>
    <string>com.mycompany.notation.Yosemite_Dock_Fix_R1</string>
    <key>LaunchOnlyOnce</key>
    <true/>
    <key>ProgramArguments</key>
    <array>
        <string>/Library/Application Support/mycompany/Set_Yosemite_Dock_Icons_R1.sh</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

MTFIDjamf · ‎08-06-2015

@perrycj I basically copied an existing plist file from Library/LaunchAgents, copied it out, and made the changes utilizing your data for reference. I did not use either application specified. I am guessing that was not the way to go...

@ShaunM9483 Similar to comment above, can I grab this data and simply create a plist file from it or do i absolutely have to utilize one of the above mentioned tools?

ShaunRMiller83 · ‎08-06-2015

You could certainly create your own plists. As you would imagine the apps mentioned just help get the syntax correct, and streamlines getting the plists needed created much easier.

You could take what I posted and make that into a plist directly of course changing the variables.

If you want it to run as each user the plist should go in /Library/LaunchAgents/ if you want to run the script to run as root the plist would go in /Library/LaunchDaemons/

Shaun

perrycj · ‎08-06-2015

Yea you definitely wanna make it from scratch. Try out Lingon. It will set all the permissions correctly.

MTFIDjamf · ‎08-06-2015

@perrycj I will try Lingon. The free download seemed pretty easy, but, like anything else, even if it only costs $10 I still have to jump through some hoops to get it.

@ShaunM9483 I grabbed your data and created a plist with your post. No difference. The script is not running at login. Also, on a side note, I have tried your other method as well. It almost worked. I modified the dock as I wanted for test, only Safari/Calculator/System Preferences and the Applications folder. Dropped the plist over to the other location, composed it, uploaded it, built with it. All looked to have gone as planned.

Here's the odd piece. When I log in as any user, local or AD, the stuff I specified is there but there are other icons there that I had removed, Maps/iBooks/Photos and the Downloads folder. I have zero idea where those came from or why it only worked about 75%.

ShaunRMiller83 · ‎08-06-2015

Ahh.... so this helps a bit Apple being Apple.

Even if you drop a user template onto the system for the dock they will readd Maps, iBooks, Photos, and maybe a few other stock "Apple" apps back onto your dock. (Isn't that nice of them :) )

There is a way to disable that behavior. I just have to recall the plist and the steps to disable that. I'll look thru my notes and update this post when I find it.

update: BenToms reply in this gives you the syntax to stop that behavior post gives you the syntax to stop that behavior.

Jamf Nation Community

Default Dock Setup For Each AD User That Logs In