- Jamf Nation Community
- Products
- Jamf Pro
- Re: Interesting issue with auto populating fields ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Interesting issue with auto populating fields from LDAP
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-26-2017 10:18 AM
So I have this weird issue going on. I just implemented MacMule's script below to grab LDAP user info and import it in JSS. The script is running via a policy at Login/Logout, Ongoing. When a user signs into a device I want to see their User ID, Real Name, and email address. It seemed to be working at first but now when I log into one of the laptops it updates the email address and real name of every other device being managed. Only the username sticks. Not sure how to troubleshoot this.
#!/bin/sh
####################################################################################################
#
# More information: http://macmule.com/2014/05/04/submit-user-information-from-ad-into-the-jss-at-login-v2/
#
# GitRepo: https://github.com/macmule/SubmitUsernameAtReconForLDAPLookup
#
# License: http://macmule.com/license/
#
####################################################################################################
# Get the logged in users username
loggedInUser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`
echo "Running recon for $loggedInUser `date`..."
# Run recon, submitting the users username which as of 8.61+ can then perform an LDAP lookup
sudo jamf recon -endUsername "$loggedInUser"
echo "Finished running recon for $loggedInUser `date`..."
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-26-2017 12:09 PM
I'd start by trying to figure out what isn't working. First see if the loggedInUser variable is returning the correct result by going into terminal and running
loggedInUser=`/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }'`And then run $loggedInUser to see if it returns the correct name.
And you can also test the process by taking that variable out of the equation. Sign into a Mac, then just run the last line of that script in Terminal, and slug in the actual username.
sudo jamf recon -endUsername "actualUsername"And finally, what I understand to be that actual, Apple-approved way of getting the logged in user's username is this:
loggedInUser=`python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "
");'`So you could exchange what you have in your script for the loggedInUser variable for this one, and see if that works any better.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-29-2017 06:59 AM
Ok, so digging further I think I might have figured it out. I implemented the Apple approved way you mentioned. One common denominator is I've been logging into different devices with the same student account as a test. When I change the login on one device it affects all of the devices that user is logged into. I believe this part of the script is the culprit then:
sudo jamf recon -endUsername "$loggedInUser"Jamf is running a recon on the last logged in username, if I've logged into 20+ computers it's going to update the login info for all those computers. Is that correct?
How would I limit it to just the one computer?
