dockutil does not change all homes

New Contributor III

So as part of our enrollment process, we change the dock using dockutil. With our DEP machines, we also "Create an additional local administrator account" (UID 501)

However, if I log out of the account that a typical employee would create/use (UID 502...and dockutil works just fine on this user)...and log back in as our admin user (UID 501) that is created as part of DEP...the dock is not changed.

Any ideas as to why or how to get the admin account the same dock? Is it because the user is not logged into before running the dockutil command?

The script I run as part of one my policies:


loggedInUser=$(python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "

# remove default apps
$DOCKUTIL --remove all --no-restart --allhomes

# add items to dock
$DOCKUTIL --add /Applications/ --position 1 --no-restart --allhomes
$DOCKUTIL --add /Applications/ --after Safari --no-restart --allhomes
$DOCKUTIL --add /Applications/ --after Preview --no-restart --allhomes
$DOCKUTIL --add /Applications/Microsoft --after Calendar --no-restart --allhomes
$DOCKUTIL --add /Applications/Microsoft --after "Microsoft Outlook" --no-restart --allhomes
$DOCKUTIL --add /Applications/Microsoft --after "Microsoft Word" --no-restart --allhomes
$DOCKUTIL --add /Applications/Microsoft --after "Microsoft Excel" --no-restart --allhomes
$DOCKUTIL --add '/Applications/System' --after "Self Service" --no-restart --allhomes

$DOCKUTIL --add '/Applications' --view auto --display stack --sort name  --section others --position 1 --no-restart --allhomes
$DOCKUTIL --add '~/Documents' --view auto --display stack --section others  --position 2 --no-restart --allhomes
$DOCKUTIL --add '~/Downloads' --view auto --display stack --sort dateadded --section others --position end --allhomes

exit 0

Esteemed Contributor II

Might want to post this URL over at Kyle Crawford's GitHub page.

Valued Contributor

I assume that the user account created has not had the home directory populated yet. So, Dockutil might be populating all homes, but that account does not have a home yet or does not have a built yet for Dockutil to modify.

Can you try this at the top of your dockutil script, or before you run that script:

/usr/sbin/createhomedir -c -u "$userName"

New Contributor III

Didn't know that was an option. Posted it here

Valued Contributor

@DFree The command I mentioned will populate the home directory for the user specified. I don't know it if will create the though, without that there would be nothing for Dockutil to modify.

New Contributor III

@ryan.ball I added the 2 lines at the top of my script and it did not help dock util. The admin account still had a default apple dock. I'm guessing the plist problem is correct. Is there a way to login as that user in the command line quickly (maybe build the plist) and then logback out? Maybe a switch user or sudo or what not.


How is your dockutil policy being triggered?

Valued Contributor

@DFree What I've found is that timing of the dockutil events is key. It helps to adjust the dock for a user after the dock is built and loaded. See my script posted from here, I run something similar at every login using a LaunchAgent.

New Contributor III

The dockutil policy is the third of many policies that are run on enrollment only. Basically we do a base config and let the user change various things like the dock, desktop background, etc. if they want.

@ryan.ball We let our users change their dock, so running a dockutil script on every login is kinda worthless for us. I suppose I could run another dockutil policy to change only the admin user after all of the other policies are done to give the mac some time to build the admin profile, but I'm starting to think its not worth my time trying to beat this race condition as its only for a rarely used local admin account. I was just checking to see if I was doing something wrong in my script.

Valued Contributor

@DFree FYI My script runs once, then leaves a breadcrumb in the user's ~/Library/Preferences folder. Then, at subsequent logins it checks for the breadcrumb, if it exists the script takes no action, if it does not exist it builds the Dock and creates the breadcrumb so that it will never run again for that user.