Posted on 02-21-2018 07:24 AM
We have been using a script deployed in JAMF to delete home folders upon log out. Our users are Active Directory users, many users one machine. It has been working great. Here is the script.
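#!/bin/bash
# Short name of the user who owns the console (the user logging out).
USER=$(stat -f '%Su' /dev/console)
# Skip members of the local admin group (-w matches whole words only).
if dscl . -read /Groups/admin GroupMembership | grep -qw "$USER"; then
  echo "LOGOUT: admin folders will not be deleted."
  exit 1
fi
# Skip the "testing" account.
if [ "$USER" == "testing" ]; then
  echo "LOGOUT: testing account/folder will not be deleted."
  exit 1
fi
# Remove the home folder, then the local user record if one exists.
if [ -d "/Users/$USER" ]; then
  echo "LOGOUT: user account cleanup."
  rm -R /Users/"$USER"
  # -x matches the whole line, so only this exact user name counts.
  if dscl . -list /Users | grep -qx "$USER"; then
    dscl . -delete /Users/"$USER"
  fi
fi
exit 0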
Now that we have a few machines updated to High Sierra, it has stopped working on those machines. We found it worked on 10.13.2, but once we updated to 10.13.3 it stopped. When looking in JAMF in the details of the Policy running the script, it says on the failed machines:
1. Executing Policy remove home folder
2. running Script remove_home_folder
3. Script exit code 0
4. Script result: LOGOUT: user account cleanup
rm/Users/student name(cant type it)/Library/Applications Support: Directory not empty
rm:/Users/student name/Library: Directory not empty
rm:/Users/student name/Directory not empty
Thus making it so that the home folder remains.
We believe that because of the discovered hack with logout stated in this article, https://siguza.github.io/IOHIDeous/, Apple has tried to fix the hack. By doing this, our script has been broken. We are not sure how to solve this problem.
Posted on 02-21-2018 08:38 AM
I too have a script that removes users on logout and it has been working well for us. However, we are still on 10.12 and I have not tested it with 10.13.x. I have certain users listed not to delete within the script. Here it is. Maybe give it a shot and see if this works.
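#!/bin/bash
# Remove every home folder in /Users except the accounts listed here.
for dir in /Users/*; do
  if [ ! "$dir" = "/Users/admin" ] && [ ! "$dir" = "/Users/viscom" ] && \
     [ ! "$dir" = "/Users/root" ] && [ ! "$dir" = "/Users/main" ] && \
     [ ! "$dir" = "/Users/Shared" ]; then
    echo "${dir}"
    rm -R "$dir"
    # $dir has the form /Users/<name>, which is also the record's dscl path.
    dscl . -delete "$dir"
  fi
done
exit 0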
Posted on 02-21-2018 08:43 AM
Try changing rm -R /Users/"$USER" to rm -Rf /Users/"$USER". It will force remove the directory.
Posted on 02-21-2018 09:20 AM
After changing the script as suggested by ddcdennisb, we got the same error. However, with a run of 2-3 times it finally did work. So our new script reads like this:
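#!/bin/bash
# Short name of the user who owns the console (the user logging out).
USER=$(stat -f '%Su' /dev/console)
# Skip members of the local admin group (-w matches whole words only).
if dscl . -read /Groups/admin GroupMembership | grep -qw "$USER"; then
  echo "LOGOUT: admin folders will not be deleted."
  exit 1
fi
# Skip the "testing" account.
if [ "$USER" == "testing" ]; then
  echo "LOGOUT: testing account/folder will not be deleted."
  exit 1
fi
if [ -d "/Users/$USER" ]; then
  echo "LOGOUT: user account cleanup."
  # A single rm pass can fail with "Directory not empty", so try up to 10 times.
  COUNTER=0
  while [ $COUNTER -lt 10 ]; do
    if [ -d "/Users/$USER" ]; then
      rm -Rf /Users/"$USER"
    fi
    COUNTER=$((COUNTER + 1))
  done
  # Remove the local user record if one exists (-x matches the whole line).
  if dscl . -list /Users | grep -qx "$USER"; then
    dscl . -delete /Users/"$USER"
  fi
fi
exit 0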
This does indeed delete the home folders. Thank you to all who helped!
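Added example, not part of the thread and not the posters' code: the guard and retry steps from the scripts above, written as functions that refuse an empty or unexpected user name before anything is removed and report when the folder survives all retries. The function names (is_exact_member, safe_to_delete, remove_home) and the sample names in the comments are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Exact whole-name match of $1 against the space-separated list in $2.
# A grep pattern match on the name can also hit part of a longer name.
is_exact_member() {
  for _m in $2; do
    [ "$_m" = "$1" ] && return 0
  done
  return 1
}

# Succeeds only if NAME ($1) is a plain short name, is not protected or in
# the admin list ($2), and BASE/NAME ($3) is a real directory, not a symlink.
# An empty NAME is refused so the target can never collapse to BASE itself.
safe_to_delete() {
  case "$1" in
    ""|.|..|*/*|root|Shared|testing) return 1 ;;
  esac
  if is_exact_member "$1" "$2"; then return 1; fi
  [ -d "$3/$1" ] && [ ! -L "$3/$1" ]
}

# Retry removal of BASE/NAME ($2/$1) up to 10 times, pausing between
# attempts, and return non-zero if the folder is still there at the end.
remove_home() {
  _target="$2/$1"
  _tries=0
  while [ -e "$_target" ] && [ "$_tries" -lt 10 ]; do
    rm -Rf -- "$_target" || true
    _tries=$((_tries + 1))
    if [ -e "$_target" ]; then sleep 1; fi
  done
  [ ! -e "$_target" ]
}

# Wiring with the thread's own commands; runs only on macOS as root.
if [ "$(uname)" = "Darwin" ] && [ "$(id -u)" -eq 0 ]; then
  user=$(stat -f '%Su' /dev/console)
  admins=$(dscl . -read /Groups/admin GroupMembership | cut -d: -f2)
  if safe_to_delete "$user" "$admins" /Users; then
    remove_home "$user" /Users || { echo "LOGOUT: /Users/$user not removed" >&2; exit 1; }
    dscl . -delete "/Users/$user" 2>/dev/null || true
  fi
fi
```

Unlike the scripts in the thread, this exits non-zero when the home folder is still present, so the Jamf policy log shows a failure instead of "Script exit code 0".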