Deleting non-standard Admin account

roiegat
Contributor III

Anyone have a good script for deleting an admin account that is above UID 500? We want to give the users the ability to enroll from the enrollment page with their initially created account, but after they enroll we want to kill all except the one account we put in. Since we're dealing with accounts here, wanted to see if anyone had any good script for it.


bpavlov
Honored Contributor

Not sure if you did a search but there was a very similar question asked earlier this week. I can't find it right now but did find this:
https://jamfnation.jamfsoftware.com/discussion.html?id=7584

roiegat
Contributor III

Yeah, did a couple searches but nothing fit the right way. My biggest fear is that somehow the account under UID 500 gets sacked and then we got bigger problems. I'll keep looking.

dbrodjieski
New Contributor III

Something quick and dirty I came up with to get you started:

#!/bin/bash

#get list of admins
admins=$(dscl . -read /Groups/admin GroupMembership | sed 's/GroupMembership: //')

#for each username in admins, check its UniqueID; if it's known to be greater than 500, remove it.
for user in $admins; do
    userID=$(dscl . -read "/Users/$user" UniqueID 2> /dev/null | sed 's/UniqueID: //')
    #skip any member whose UniqueID could not be read
    if [[ -n "$userID" ]]; then
        if [[ $userID -gt 500 ]]; then
            #delete the user account via dscl
            echo "deleting user $user because it's an admin with a Unique ID: $userID greater than 500"
        else
            # keep the user
            echo "keeping user $user because its Unique ID: $userID is 500 or less"
        fi
    fi
done
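
The same loop with the guard rails the thread worries about, as an added example that is not from any of the posters: it reports only unless APPLY=1 is set, keeps an allow-listed management account, and keeps anything whose UID is missing, non-numeric, negative, or 500 and below. KEEP_ADMINS, APPLY, the account name mgmtadmin and the function names are assumptions made for illustration.

```bash
#!/bin/bash
# Added example. KEEP_ADMINS, APPLY and "mgmtadmin" are hypothetical names.

KEEP_ADMINS="${KEEP_ADMINS:-mgmtadmin}"  # space-separated accounts that must survive
MIN_UID=500                              # from the thread: only touch UIDs above 500

# decide USER UID -> prints "remove" or "keep:<reason>"
decide() {
    local user="$1" uid="$2" keep
    # Fail closed: empty, negative or otherwise non-numeric UIDs are kept.
    case "$uid" in
        ''|*[!0-9]*) echo "keep:no-numeric-uid"; return ;;
    esac
    [ "$uid" -le "$MIN_UID" ] && { echo "keep:uid<=$MIN_UID"; return; }
    for keep in $KEEP_ADMINS; do
        [ "$user" = "$keep" ] && { echo "keep:allow-listed"; return; }
    done
    echo "remove"
}

main() {
    local user uid verdict
    for user in $(dscl . -read /Groups/admin GroupMembership | sed 's/^GroupMembership: //'); do
        uid=$(dscl . -read "/Users/$user" UniqueID 2>/dev/null | sed 's/^UniqueID: //')
        verdict=$(decide "$user" "$uid")
        echo "$user (UID ${uid:-unknown}): $verdict"
        # Dry run by default; the record is deleted only when APPLY=1 is exported.
        if [ "$verdict" = "remove" ] && [ "${APPLY:-0}" = "1" ]; then
            dscl . -delete "/Users/$user"
        fi
    done
}

# Run only where dscl exists (a Mac); elsewhere the file just defines the functions.
command -v dscl >/dev/null 2>&1 && main
```

Run it once without APPLY and review the verdicts before enabling deletion. dscl removes the user record only, so the home folder under /Users stays on disk and has to be handled separately.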