- Jamf Nation Community
- Products
- Jamf Pro
- Re: Delete items Desktop
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Delete items Desktop
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-06-2009 07:36 AM
Hi .. I'm not a script person. I'm looking for a way that on log out all the items are deleted off the desktop. Here is why. Our students connect to a server that is in their dock. Sometimes they accidently grab their folder and drag it to the desktop. This in reference causes the permissions on those folders to be wacky and no one but an admin can delete the folders. Within a week I have 20 gigs of student data copied over to the desktop and I have to manually remove it. The lab monitor is unable to remove it because he does not have admin rights.
Last.. is there a way to lock the desktop pattern?
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-06-2009 08:14 AM
For the desktop you can set a user only preference in composer and then push it out to the systems and make it self heal, so that if it is altered it will get it again. You can also look at a log out/in hook that disables that preference. If they are managed via an OS X server you can use Server to manage the group's preference to disallow changes to the desktop background pref pane in system preferences.
Do delete all desktop items a simple one liner can work as a log out hook.
#!/bin/sh
#delete current user's desktop items #WARNING, THIS WILL DELETE EVERYTHING
/bin/rm -rf /Users/$3/Desktop/*
Please note that the $3 and $4 options only pull the current user in casper from log in/out policies. They also only work if ran by Casper, since the $3 variable means nothing outside of Casper.
I think I got it right but I could have $3 and $4 confused. I know one is the current user when parsed by Casper.
Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
blackberry: 913-449-7589
office: 913-627-0351
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-06-2009 08:26 AM
On a nightly bases this is why we actually delete all local user home directories for student lab machines so they get a fresh one with any changes or what not to the skeleton/default user profile. Basically it's a startup item that runs at a schedule time in the wee hours of the morning.
Since it is a destructive item must use extreme caution and have measures in place to ensure nothing else happens to other systems NOT suppose to run it.
Not sure how well deleting the profile during logout would be...never tried it.
Craig E
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-06-2009 09:13 AM
Here is a script that you can use to to refresh the account home directory either at login or logout.
http://www.bombich.com/mactips/files/scripts/refresh-default-homedir.sh
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-25-2015 07:30 AM
Looks like the last link does not work any more, I was trying to place a line of code to a policy:
rm -rf ~/Desktop/*
but that does not work, still having folders and files on a desktop.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-25-2015 07:38 AM
The ~ does not evaluate to the current logged in user when scripts are run from Casper. This has been mentioned probably on close to 100 threads on here by now. Casper Suite runs scripts as root or as the Casper service account on your Macs, so ~ is trying to affect that account, not the logged in user.
Get the logged in user in your script, then use that as a stored variable in the command.
#!/bin/sh
loggedInUser=$(stat -f%Su /dev/console)
rm -Rf /Users/$loggedInUser/Desktop/*Optionally, you may be able to use $3 for the current user if this is being done as a login or logout policy.
It should go without saying that blindly rm'ing files and folders is a bit dangerous. Make sure any code you use, including what I just wrote above, works properly in testing before trying to use it in production.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2022 09:48 AM
Status update... to this day, all attempts to delete local user files from a scheduled policy have met with about 50% success. I have been able to replicate, reliably, the "Operation not permitted" error. Additionally, I have attempted to simply use the "files and processes" function to try to delete a test document from the desktop, and it fails just the same. We will be wiping and re-deploying the majority if our lab and classroom computers this summer, so we will see if anything changes as we upgrade to Monterey. As of now, however, the problem is persistent and even working with Jamf Support, we have not found a way around it.
