- Jamf Nation Community
- Products
- Jamf Pro
- Different Dock for each user (one computer)
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Different Dock for each user (one computer)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-21-2020 01:45 PM
Does anyone know how to get jamf to do a different dock for each user on a computer at login? Example: I have an admin account on the computer that I want to have a specific dock load out for IT use. There is also a regular user on the computer which needs its own dock load out. I have tried scoping the policy to all computer and excluding the admin user but this does not work. The policy launches at login and changes the dock to the regular user load out despite the fact that I am logging in with the admin account.
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-21-2020 02:57 PM
Are you creating the config as system level or user level? If the policy is set as a system level dock policy it wouldn't matter who was logging in as soon as a user other than your admin account logged in once it would be applied to your machine. I would suggest creating a smart user group for your staff scoping a user level dock to it and then creating a seperate policy for tech staff and scoping a policy to just that user both should be set to all computers.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-21-2020 03:11 PM
Just a recap: Tried it with policies first. Logging in with any user including the admin user would trigger the policy even if the admin was excluded in the scope. Support told me that excluding or scoping to a specific user would only work if the computer was assigned to that user. I can't assign the admin to the computer. I need the user who will get the machine assigned to it.
Currently: I'm trying it with config profile. I have it set to user level and scoped to only my user. The profile doesn't load unless I switch it to computer level and scope it to the computer instead of the my user. Next I assigned the computer to my user and tested to see if it worked like the policies and needed to be assigned to a user. Still did not load the profile. Is there a step I'm missing?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2020 08:57 AM
I haven't had a chance to try the built-in Dock functionality with the most recent Jamf Pro releases, but I've been using dockutil for quite awhile.
#!/bin/bash
## This allows you to specify lists of items to remove and add in arrays, and then they'll be done in bulk using a for loop
## Items to remove should be the label (usually the name of the application)
## Items to add are the full path to the item to add (usually /Applications/NAMEOFAPP.app)
## A few examples are prepopulated in the arrays, but feel free to tweak as suits the needs of your organization
# original https://raw.githubusercontent.com/aysiu/Mac-Scripts-and-Profiles/master/DockutilAddRemoveArrays.sh
# bash string manipulations here https://www.tldp.org/LDP/LG/issue18/bash.html
# check for dockutil, call a policy with custom trigger "dockutil" to install if not already present
if [ ! -f "/usr/local/bin/dockutil" ]; then
echo "Installing dockutil..";
/usr/local/bin/jamf policy -trigger dockutil;
sleep 5;
else
echo "dockutil found at /usr/local/bin/, proceeding.."
fi
# define parameter 4 as the short admin account name
if [ $4 = "" ]; then
echo "No admin username specified, exiting.."
exit 1
fi
itemsToRemove=(
"Address Book"
"App Store"
"Automator"
"Books"
"Calculator"
"Calendar"
"Chess"
"Contacts"
"Dashboard"
"Dictionary"
"Downloads"
"FaceTime"
"Font Book"
"Home"
"iBooks"
"iPhoto"
"Image Capture"
"Keynote"
"Launchpad"
"Mail"
"Maps"
"Messages"
"Mission Control"
"News"
"Notes"
"Numbers"
"Pages"
"Photos"
"Photo Booth"
"Podcasts"
"Preview"
"QuickTime Player"
"Reminders"
"Siri"
"Stickies"
"Stocks"
"TextEdit"
"Time Machine"
"TV"
"Voice Memos"
)
# keeping to-add items verbose makes it ultimately easier to modify compared to passing $path
# to-do: check $majorOS and add Directory Utility from correct location
itemsToAdd=(
"/Applications/Google Chrome.app"
"/Applications/Safari.app"
"/Applications/Utilities/Disk Utility.app"
"/Applications/Utilities/Terminal.app"
"/Applications/Utilities/Activity Monitor.app"
"/Applications/Self Service.app"
"/Applications/System Preferences.app"
)
for removalItem in "${itemsToRemove[@]}"
do
# Check that the item is actually in the Dock
inDock=$(/usr/local/bin/dockutil --list | /usr/bin/grep "$removalItem")
if [ -n "$inDock" ]; then
/usr/local/bin/dockutil --remove "$removalItem" --no-restart
fi
done
for additionItem in "${itemsToAdd[@]}"
do
# Check that the item actually exists to be added to the Dock and that it isn't already in the Dock
# Stripping path and extension code based on code from http://stackoverflow.com/a/2664746
additionItemString=${additionItem##*/}
additionItemBasename=${additionItemString%.*}
inDock=$(/usr/local/bin/dockutil --list | /usr/bin/grep "additionItemBasename")
if [ -e "$additionItem" ] && [ -z "$inDock" ]; then
/usr/local/bin/dockutil --add "$additionItem" --no-restart
fi
done
/usr/bin/killall DockI haven't used this in production, but it worked as expected on a local 10.14 test box just now.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-07-2022 12:53 PM
Have you used this script pushed out to machines through Jamf. I've tested it locally as well and everything seems to be good, but trying to target a logged in user is a little finicky. I can grab the logged in user in various ways but dockutil seems to only target Jamf's root user.
