Posted on 02-27-2013 01:22 PM
Hey guys -
Has anyone built an extension attribute or a shell script to identify users w/ Remote Access capability? I've started on the script below:
#!/bin/bash
# Returns com.apple.access_ssh or com.apple.access_ssh-disabled
SSH_users=$(dscl . list /groups | grep -i "com.apple.access_ssh")
# If SSH_users equals com.apple.access_ssh-disabled then all users have access
if [ "$SSH_users" = "com.apple.access_ssh-disabled" ]; then
    echo "All users have SSH access"
else
    #Identify all users in the
    :  # no-op so the unfinished branch still parses
fi
Posted on 02-28-2013 12:47 PM
No thoughts?
Posted on 02-28-2013 12:57 PM
I don't know that there's a way to list a group's membership. Perhaps, but I'm not sure. You may need to get a list of all user accounts on the system and loop through each with a dseditgroup -checkmember type command or with dsmemberutil. If it finds any it would then need to add the account name into an array which would be the result that got echoed back when it finishes the loop.
Edit: here's a simple script example to show you what I mean, in case you needed that. In this example, I'm pulling a list of local accounts, minus the System level ones that start with underscore, since I don't think you really care about those, and echoing back each one that is a member of the group "staff". You can of course use it to look at any group available on the system.
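#!/bin/bash
# [[ ... =~ ]] is a bash feature, so this runs under bash rather than sh
# Local accounts, excluding system accounts that start with an underscore
userList=$(dscl . list /Users | grep -v "^_")
Group="staff"
echo "$userList" | while read -r user; do
    # dsmemberutil prints "user is a member of the group" on a match
    if [[ $(dsmemberutil checkmembership -U "$user" -G "$Group") =~ "is a member" ]]; then
        echo "User $user is a member of $Group"
    fi
done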
Posted on 03-26-2013 10:00 AM
This one works great for me:
Extension Attribute:
Display Name: SSH Enabled Users
Description: All SSH-enabled Users
Data Type: string
Input Type: Populated by Script
OS X Script:
#!/bin/sh
# Direct members of com.apple.access_ssh, read from its GroupMembership attribute
groupmember=$(dscl . -read /groups/com.apple.access_ssh | grep GroupMembership | cut -d: -f2-)
echo "<result>$groupmember</result>"
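Added example, not part of any post above and not JAMF's own code: one extension attribute that combines the three approaches in the thread (the "-disabled" check, the per-user dsmemberutil loop, and the <result> output). It assumes the group naming described in the first post and that dsmemberutil's membership check also counts nested groups; the function names and the result strings "All users", "None" and "No SSH access group found" are made up for the example.

```shell
#!/bin/sh
# Added example: extension attribute listing who may log in over SSH.
# Assumes, as in the thread, that the access group is com.apple.access_ssh
# when access is restricted and com.apple.access_ssh-disabled when it is not.
SACL="com.apple.access_ssh"

# Name of the SSH access group on this Mac, empty if neither form exists.
ssh_acl_group() {
    dscl . list /Groups | grep "^${SACL}" | head -n 1
}

# Local non-system accounts that dsmemberutil reports as members of group $1.
# Assumption: checkmembership also counts membership through nested groups,
# which the GroupMembership attribute alone does not show.
effective_members() {
    dscl . list /Users | grep -v '^_' | while read -r user; do
        case "$(dsmemberutil checkmembership -U "$user" -G "$1")" in
            *"is a member"*) printf '%s ' "$user" ;;
        esac
    done
}

# One-line summary; the three fixed strings are hypothetical result values.
ssh_access_report() {
    group=$(ssh_acl_group)
    case "$group" in
        "$SACL")
            members=$(effective_members "$group")
            if [ -n "$members" ]; then echo "${members% }"; else echo "None"; fi ;;
        "${SACL}-disabled") echo "All users" ;;
        *) echo "No SSH access group found" ;;
    esac
}

# Only emit a result where dscl exists (i.e. on a Mac).
if command -v dscl >/dev/null 2>&1; then
    echo "<result>$(ssh_access_report)</result>"
fi
```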