Depending on what you're looking to do, I would use a one line bash command with sed (or something similar) to edit the file. You can add the command to the "execute command" section of files and processes in a policy.

Are you looking to add a line or replace some test?

I've done it with Composer, but quickly turned to scripting like davidacland says. The problem with using Composer is you have to redeploy the Hosts every time you make a change, which can get cumbersome, particularly if different users require different hosts configurations. Much easier to manage by adding a line here or there with a script. Still, below is a screenshot of my Composer with hosts. Create your hosts file in vim and copy over to Composer like any other file.

Thank you guys for your reply... I want to edit the existing host file. Do you have a sample scripting to edit host file? Many thanks.

Hi @mreaso

If you want to edit an existing line, you can use sed -i '' -e 's/stringtoreplace/stringtoadd/' /path/to/file

If you want to add in a new line you can use echo "stringtoadd" >> /path/to/file

Thanks a lot @davidacland ... you're the man!!!

I wrote this script when I had to modify /etc/hosts for a certain department.

#!/bin/bash
# 
# swipely-host.sh
# Check for certain entry in /etc/hosts
# Add the entry if it's not found
#
# Adam Codega, Swipely
# Built off of http://thecodecave.com/2010/11/03/adding-a-line-to-etchosts-via-bash/ 
#

SUCCESS=0
domain=yourdomain.com
needle=subdomain.$domain
hostline="127.0.0.1 $needle"
filename=/etc/hosts

# Determine if the line already exists in /etc/hosts
grep -q "$needle" "$filename"  # -q is for quiet. Shhh...

# Grep's return error code can then be checked. No error=success
if [ $? -eq $SUCCESS ]
then
  exit 0;
else
  # If the line wasn't found, add it using an echo append >>
  echo "$hostline" >> "$filename"
    # Let's recheck to be sure it was added.
    grep -q "$needle" "$filename"

    if [ $? -eq $SUCCESS ]
        then
            exit 0;
        else
            exit 1;
    fi
fi

And this EA to test computers:

#!/bin/bash
# 
# swipely-host-ea.sh
# Check for certain entry in /etc/hosts
# Report to JAMF Casper Suite JSS server via Extension Attribute
#
# Adam Codega, Swipely
# Built off of http://thecodecave.com/2010/11/03/adding-a-line-to-etchosts-via-bash/ 
#

SUCCESS=0
domain=yourdomain.com
needle=subdomain.$domain
hostline="127.0.0.1 $needle"
filename=/etc/hosts

# Determine if the line already exists in /etc/hosts
grep -q "$needle" "$filename"  # -q is for quiet. Shhh...

# Grep's return error code can then be checked. No error=success
if [ $? -eq $SUCCESS ]
    then
        echo "<result>Hostname set</result>"
    else
        echo "<result>Hostname not set</result>"
fi

Hi @davidacland... can I ask an out of topic question from you.

I've recently joined a mac to AD and it worked perfectly. the issue now is every time i login offline it doesn't accept the password. I've seen some work around to create a mobile account but it's sluggish. any advice on how to solve this? thanks very much.

Mobile accounts are definitely the way to let people log in offline. If it is a bit slow, you can test switching off "Use UNC path to derive network home location" in the AD settings and also lower the timeout value for offline authentication /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow DSBindTimeout -int 5 (change the number on the end of the command to set the timeout). You normally have to test different values to get it just how you need it.

Thanks @davidacland ... script looks awesome. I tired it with -int 8 and it's just the way we want it. One last thing, Once we select mobile accounts it creates the user account in the logging window. How can we hide it? We don't want the user clicking that icon, instead we want them to go to "Other User".

Many thanks for your assistance.

You can set the login window to use username and password text fields by default using a login window configuration profile.

Hi @davidacland is there a way to automate the migration of local account to AD. In Windows we have this software called Profwiz. It automates any local account and convert it to AD account. Hope you can help some tips or if you have a script that does it.

Thanks so much.

Hi,

The basic process is to delete the local user account (preserving the home folder), rename the local home folder (if the name doesn't match the logon name in AD), reset ownership to match the user in AD and have the user login.

The commands behind this are (assuming 10.10 or higher OS):

• Delete the user: sysadminctl -deleteUser <user name> -keepHome
• Rename the home folder: mv /Users/<user name> /Users/adlogonname
• Set the ownership: chown -R adlogonname /Users/adlogonname

Thanks, @davidacland will try it out tomorrow and keep you posted.