- Jamf Nation Community
- Products
- Jamf Pro
- Re: Extension attribute for reporting users who ar...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Extension attribute for reporting users who are admin
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
Last year, I created an extension attribute for reporting if the current logged in user is an admin user. The extension attribute is below. I noticed a few months ago that this EA had stopped working. The output of the EA was blank. What got it working was to remove the "^" symbol in the results line. Removing that symbol means that the EA will report "yes" but not "Yes". We standardize all yes/no answers in EAs with capital letters. All of my EAs get pulled in by PowerBI. I can't figure how how to capitalize the first letter in the output for "isAdmin". This does work perfectly when I run it in CodeRunner either as bash or zsh. The result I need if a user is an admin is "Yes", not "yes". How can I get this to work? I know how to capitalize ALL letters in the output but I can't find anything that capitalizes the first letter. I remember when writing this EA last year, I found that using ^ is what would capitalize the output, and it was working in Jamf Pro... until just a few months ago.
#!/bin/bash
currentuser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`
isAdmin=$(dseditgroup -o checkmember -m $currentuser admin | /usr/bin/awk '{print $1}')
echo "<result>"${isAdmin^}"</result>"
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday - last edited yesterday
This is another case of me figuring out the solution before someone responded to me 🤦🏻 The solution was to add another awk command that handles the capitalization. There may well be another solution to this but this is what is currently working. The original EA should be working too but Jamf Pro seems to have a problem with the "^" symbol. Having that symbol makes the output of the EA blank. Here is what is currently working. I'm sharing this in case it helps someone else and I won't mark my own response as the solution 😇
#!/bin/bash
currentuser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`
isAdmin=$(dseditgroup -o checkmember -m $currentuser admin | /usr/bin/awk '{print $1}' | /usr/bin/awk '{print toupper(substr($0,0,1)) tolower(substr($0,2))}')
echo "<result>"${isAdmin}"</result>"
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
We are using the one below, and it’s working fine as well. Just sharing for informational purposes.
#!/bin/bash
allLocalAccts=$(dscl . list /Users UniqueID | awk '$2>500 {print $1}')
while read userAcct; do
if [[ $(dseditgroup -o checkmember -m $userAcct admin) =~ "yes" ]]; then
Admin="Admin"
else
Admin="Regular"
fi
if [[ $(dscl . read /Users/$userAcct OriginalAuthenticationAuthority 2>/dev/null) != "" ]]; then
Domain="Domain"
else
Domain="Local"
fi
userList+=("${userAcct}: $Admin, $Domain")
done < <(echo "$allLocalAccts")
echo "<result>$(printf '%s
' "${userList[@]}")</result>"
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
I wrote something like this to list all the admin accounts on a Mac. I like yours better!
Reply
