Help

How to find what Apple ID is logged in to the managed iPad.

Gotti
New Contributor II

Posted on ‎11-10-2021 02:32 AM

All user are login with manager Apple ID but some haver manage to log out and download there own apps, I have added a restriction policy which stops this happening.

But I would like to find out who is currently logged in with their own Apple IDs.

Is there any way of doing this on jamfcloud?

 

 

0 Kudos
10 REPLIES 10

Andreas_Schenk
Contributor
Contributor

Posted on ‎11-10-2021 04:46 AM

An MDM Server like Jamf can not see the Name of the logged in Apple ID. This is a decision from Apple in their great wisdom. We can like it or not, but it is what it is. You might want to file Feedback with Apple, to grant MDM Servers the capability to do so. (Probably not likely to be changed, as Apple considers the Name of the Apple ID to be private).

MDM Servers can only query a hash of the logged in Apple ID. But not the clear text Name.

Gotti
New Contributor II

Posted on ‎11-10-2021 05:48 AM

@Andreas_Schenk Thank you so much for the reply. 

0 Kudos

techjason
Contributor

Posted on ‎11-11-2021 06:51 AM

@Gotti I have been looking for something like this for a long-time myself. But @Andreas_Schenk  is right; there is no way, right now, of getting this information. However, if you are interested in doing it on a Mac, there is a solution. I have been using this extension attribute for over a year in our environment.

https://github.com/bp88/Jamf-Pro-Extension-Attributes/blob/master/iCloud%20Account%20Details.sh

Maybe someday we will be able to get that info.

 

jmahlman
Valued Contributor

Posted on ‎11-11-2021 12:11 PM

@Gotti  We have an EA that does this for us:

#!/bin/sh
## Get logged in user
loggedInUser=$(stat -f%Su /dev/console)
icloudaccount=$( defaults read /Users/$loggedInUser/Library/Preferences/MobileMeAccounts.plist Accounts | grep AccountID | cut -d '"' -f 2)
if [ -z "$icloudaccount" ] 
then
    echo "<result>No Accounts Signed In</result>"
else
    echo "<result>$icloudaccount</result>"
fi

 

Off topic, why is bash/shell not a code option in JN?!  

Screen Shot 2021-11-11 at 3.10.11 PM.png

sdrake
New Contributor III
In response to jmahlman

Posted on ‎12-07-2022 10:56 AM

This works perfectly, thank you!!

0 Kudos

MarcozEspitia
New Contributor

Posted on ‎05-04-2022 07:28 AM

Hello Guys,

Both Scripts that you guys provided don't work. It doesn't find any Macbooks that have AppleID on them. Knowing for a fact that at least 10 of them have it. Any more suggestions?

0 Kudos

Andreas_Schenk
Contributor
Contributor
In response to MarcozEspitia

Posted on ‎05-04-2022 07:34 AM

The EA script that @jmahlman posted, does work in my setting (for macOS; original post asked for iOS).

You might want to look at the parts of that script and its results. What is the result if you run it on those computers as an Extension Attribute and what is the result if you run it on your admin computer?

0 Kudos

entrata
New Contributor II

Posted on ‎11-10-2022 11:35 AM

Do you put this script into a smart group? If so what is the criteria you use to search for the computers in question?

0 Kudos

vickih
New Contributor III

‎03-17-2023 06:17 AM - edited ‎03-17-2023 06:24 AM

Personally I added the script as an extension attribute and then it populates in the inventory section of the computer in the section I wanted. This will run on its own during an inventory check-in.  If anyone finds a mobile device (iPad) solution please update this thread. Since everyone is posting about Desktop instead of iPad. :D Extension Attribute.png

DLR
New Contributor

Posted on ‎03-30-2023 12:12 PM

Man and iPad solution would be so nice! if anyone knows of one please let me know! 

0 Kudos