Posted on 09-07-2017 01:32 PM
First time poster here so please take it easy. What I am trying to achieve is seemingly simple, in principle, but boy has this given me a headache. What I need to achieve is this: When an LDAP user logs into a system, Safari launches with a specified URL. Only Safari should be accessible. That's it. Nothing more and nothing less. Why is this so difficult or am I being stupid? ( I am prepared to be told I am being stupid). I can't find anything in a config profile that allows this. Any suggestions would be helpful.
Solved! Go to Solution.
Posted on 09-07-2017 02:36 PM
I created this some time ago, but it still works.
It waits for the Finder to be ready then opens the URL passed to it in a policy.
If you tell Safari it will open in Safari, if you tell Finder it will open in the default browser.
You basically set it in a login triggered policy, with the URL specified and scoped to the computers you want and the restricted to the USer LDAP group you want it to activate for.
#!/bin/bash
The_URL="$4"
(
RunCount=0
Limit=30
Current_User="NONE_NADA_ZIP"
while [[ -z "$(ps -c -u $Current_User | awk /Finder/)" ]] && [[ "$RunCount" -lt "$Limit" ]]; do
let RunCount=$RunCount+1
sleep 2
Current_User=$(stat -f%Su /dev/console)
done
if [ "$The_URL" ] && [ "$(ps -ax -u $Current_User | awk '/Finder/ && !/awk/')" ]; then
sleep 1
/usr/bin/osascript<<END
tell application "Safari"
open location "$The_URL"
end tell
END
fi
) &
Posted on 09-07-2017 01:49 PM
The shell command to open url with safari is the following
open -a safari http://www.example.com
So you could add that command into the Execute Command field under Files and Processes section when creating a new Policy. Set the Trigger to login (This runs as root). Or you could write it as a script so you can run it as the logged in user.
Posted on 09-07-2017 02:36 PM
I created this some time ago, but it still works.
It waits for the Finder to be ready then opens the URL passed to it in a policy.
If you tell Safari it will open in Safari, if you tell Finder it will open in the default browser.
You basically set it in a login triggered policy, with the URL specified and scoped to the computers you want and the restricted to the USer LDAP group you want it to activate for.
#!/bin/bash
The_URL="$4"
(
RunCount=0
Limit=30
Current_User="NONE_NADA_ZIP"
while [[ -z "$(ps -c -u $Current_User | awk /Finder/)" ]] && [[ "$RunCount" -lt "$Limit" ]]; do
let RunCount=$RunCount+1
sleep 2
Current_User=$(stat -f%Su /dev/console)
done
if [ "$The_URL" ] && [ "$(ps -ax -u $Current_User | awk '/Finder/ && !/awk/')" ]; then
sleep 1
/usr/bin/osascript<<END
tell application "Safari"
open location "$The_URL"
end tell
END
fi
) &
Posted on 09-08-2017 03:34 AM
Thank you both for the reply and for sharing that! All sorted!