- Jamf Nation Community
- Products
- Jamf Pro
- Re: iCloud account info from extension attribute
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Friday
I'm looking for an up to date extension attribute that checks to see if a mac has an account signed into iCloud and what that full account name is, if an account is signed in.
I've found several other EA's that look for this plist, MobileMeAccounts.plist. The mac I'm testing with is running on OS 15.1, and I do not see this plist under ~/library/preferences.
Any info on if the plist has changed or moved would be greatly appreciated as well.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Friday
That PLIST should still be there. This extension attribute is working with macOS Sequoia 15.1. To be sure I just tested it in CodeRunner on my MacBook Pro running Sequoia and I see my MacBook Pro in the smart group that I setup for this EA. To further verify this, I just logged in with my iCloud account on a Mac that has a fresh install of macOS Sequoia that had not been signed in previously. The same PLIST just appeared right after I logged in.
#!/usr/bin/zsh
current_user="$(/usr/sbin/scutil <<< "show State:/Users/ConsoleUser" | /usr/bin/awk '/Name :/ && ! /loginwindow/ {print $3}')"
if [ -e "/Users/$current_user/Library/Preferences/MobileMeAccounts.plist" ]; then
icloud_account=`/usr/libexec/PlistBuddy -c "print :Accounts:0:AccountID" /Users/$current_user/Library/Preferences/MobileMeAccounts.plist`
icloud_status="Enabled by $icloud_account"
else
icloud_status="Not Enabled"
fi
echo "<result>$icloud_status</result>"
7 REPLIES 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Friday
That PLIST should still be there. This extension attribute is working with macOS Sequoia 15.1. To be sure I just tested it in CodeRunner on my MacBook Pro running Sequoia and I see my MacBook Pro in the smart group that I setup for this EA. To further verify this, I just logged in with my iCloud account on a Mac that has a fresh install of macOS Sequoia that had not been signed in previously. The same PLIST just appeared right after I logged in.
#!/usr/bin/zsh
current_user="$(/usr/sbin/scutil <<< "show State:/Users/ConsoleUser" | /usr/bin/awk '/Name :/ && ! /loginwindow/ {print $3}')"
if [ -e "/Users/$current_user/Library/Preferences/MobileMeAccounts.plist" ]; then
icloud_account=`/usr/libexec/PlistBuddy -c "print :Accounts:0:AccountID" /Users/$current_user/Library/Preferences/MobileMeAccounts.plist`
icloud_status="Enabled by $icloud_account"
else
icloud_status="Not Enabled"
fi
echo "<result>$icloud_status</result>"
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Friday
Interesting, I was signed in but didn't have that MobileMeAccounts.plist there. I had signed in probably back when it still had Ventura on it.
I signed out and signed back in and it did end up creating that plist, you're right, I'm sorry.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Friday
No need to be sorry. It wouldn't be unheard of for Apple to sneak a change in under our noses. I'm curious why they still call it "MobileMeAccounts" since the service has been called iCloud since 2011.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Friday
This is what I am using, and it still works as of 15.1. Looks like @howie_isaacks answered this already, but I dug the EA up so dang it I'm sharing it lol.
#!/bin/sh
## Get logged in user
UserID=$(stat -f%Su /dev/console)
iCloudAccount=$( defaults read /Users/$UserID/Library/Preferences/MobileMeAccounts.plist Accounts | grep AccountID | cut -d '"' -f 2)
if [ -z "$iCloudAccount" ]
then
echo "<result>Null</result>"
else
echo "<result>$iCloudAccount</result>"
fi
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Friday
Yours works just as well. This is why I love this community. Everyone is generous with their time, their knowledge, and experience.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sunday
I have this one
#!/bin/bash
for user in $(ls /Users/ | grep -v -E '^(\.localized|Shared|administrator)$'); do
if [ -d "/Users/$user/Library/Application Support/iCloud/Accounts" ]; then
Accts=$(find "/Users/$user/Library/Application Support/iCloud/Accounts" | grep '@' | awk -F'/' '{print $NF}')
iCloudAccts+=(${user}: ${Accts})
else
Accts="None"
iCloudAccts+=(${user}: ${Accts})
fi
done
echo "<result>$(printf '%s
' "${iCloudAccts[@]}")</result>"
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Monday
This one works too. I haven't seen someone use a for loop for this before. You have just reminded me that I need to use for loops more.
