Help

Make user admin at logon but at logout make user as a standard user

jamflund
New Contributor III

Posted on ‎11-09-2020 01:08 AM

Hello! I would like to set a login and logout script that makes the logged in user as admin and then when the same user logs out, logout script is run which makes the user a default user. This is to prevent users from using the admin account to change startup options on a Mac computer. Has anyone done that yet?

Labels:
0 Kudos
Reply
2 REPLIES 2

rhooper
Contributor III

Posted on ‎11-09-2020 11:09 AM

@jamflund I just tested this script on Mojave, Sierra, High Sierra, Catalina. Worked well.

!/bin/bash

localAccts=$(dscl . list /Users UniqueID | awk '$2>500{print $1}' | grep -v localadmin)

while read account; do echo "Making sure $account is not in the local admin group" dseditgroup -o edit -d $account admin
done < <(echo "$localAccts")

exit 0

0 Kudos
Reply

CSCC-JS
Contributor III

Posted on ‎11-09-2020 01:52 PM

Isn’t the logout trigger removed in macOS Big Sur?

0 Kudos
Reply