I know you can use Jamf Pro to create a new local user account with or without admin access, but can you use Jamf Pro to modify an already existing local account's permissions?
Question
Local Admin Access
+8
+24What do you mean by permissions? Do you mean demoting it to a standard user instead of admin? Or are you talking about just limiting it's admin privileges?
+24OK, then yes, totally possible to do with a script. There are a couple of methods to do it, but I believe the current supported way (still) is to use dseditgroup Something like this:
/usr/sbin/dseditgroup -o edit -a username adminIn the above, you are telling dseditgroup to do the operation (-o) edit to add (-a) the user username to the group admin
This makes the user named "username" an admin
To do the reverse - remove them from the admin group, you use operation delete (-d) like so:
/usr/sbin/dseditgroup -o edit -d username adminThis simply deletes "username" from the admin group.
Hope that helps.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.