Hello,
Long story short, I'm trying to create a Self Service policy that will "opt" the computer in to a policy that will wipe the specified user data upon logout/logon. Here is how I've been going about it.
- Create an Automator app called "EmptyFolders-optin.app". Self Service installs this to /Applications/Utilities. The app does nothing except act as a scoping mechanism.
- Create a second Automator app that asks the technician for a home folder name, then writes that name to a hidden text file located at /Users/Shared/.Config/HomeFolderName.txt. This app is also installed as part of the Self Service policy, and auto-launches after install.
- Create a script that grabs the home folder name from the hidden text file, then deletes the contents of the folders within that home folder:
#!/bin/sh
var=$( cat /Users/Shared/.Config/HomeFolderName.txt)
rm -Rf /Users/$var/Applications/* /Users/$var/Desktop/* /Users/$var/Documents/* /Users/$var/Downloads/* /Users/$var/Movies/* /Users/$var/Music/* /Users/$var/Pictures/* /Users/$var/Public/*
3. Include the script in a policy that triggers every login or logout.
If I'm already logged into the machine and run "sudo jamf policy -trigger login", it totally works (even if I'm logged in with a different user account). But if I actually logout/login, it doesn't work. All logs just say that it completed successfully.
Any ideas on how to make this work?
Thanks
