Hi-
Not sure if this is of use to anyone, but I may as well share. We
distribute Admin rights with a script that basically does a dscl . -append
/Groups/admin GroupMembership <shortUsername>.
At first, we could only do one at a time so I expanded the script to
accommodate all 8 command line entries that Casper Remote can pass to a
script. Going one step further, I wanted to prevent any duplicate entries
ending up in the GroupMembership key. If "jared" was already there,
nothing stops you from adding "jared" again and then you've got 2. Kinda
messy.
So, here's the script.
Cheers,
j
#!/bin/sh
#Check if run as root
ROOT_UID="0"
if [ "$UID" -ne "$ROOT_UID" ] ; then
echo "Please run this script as root or with sudo rights!"
exit 1
fi
#Put into an array all users from input and normalize to all lower-case.
Users[0]="$(echo ${4} | tr 'A-Z' 'a-z')"
Users[1]="$(echo ${5} | tr 'A-Z' 'a-z')"
Users[2]="$(echo ${6} | tr 'A-Z' 'a-z')"
Users[3]="$(echo ${7} | tr 'A-Z' 'a-z')"
Users[4]="$(echo ${8} | tr 'A-Z' 'a-z')"
Users[5]="$(echo ${9} | tr 'A-Z' 'a-z')"
Users[6]="$(echo ${10} | tr 'A-Z' 'a-z')"
Users[7]="$(echo ${11} | tr 'A-Z' 'a-z')"
#Assign to an array the current Admins on the box. We'll need this for
comparisson.
Admins=(dscl . -read /Groups/admin GroupMembership | cut -d ":" -f 2
)
#Let's get to work
AdminsTmp=(${Admins[@]})
AdminsToAdd=(${Users[@]})
for (( j=0 ; j<${#AdminsTmp[@]} ; j++ ))
do
for (( i=0 ; i<${#AdminsToAdd[@]} ; i++ ))
do
if [[ "${AdminsToAdd[$i]}" == "${AdminsTmp[$j]}" ]]
then
unset AdminsToAdd[$i]
let "i--"
fi
done
done
if [[ ${AdminsToAdd[@]} != "" ]]
then
dscl . -append /Groups/admin GroupMembership ${AdminsToAdd[@]}
else
echo "Nothing to add to Admin group. The user(s) you're trying to add may
already be there."
fi
--
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436