Jamf Nation Community

dgreening · ‎12-17-2015

Hey guys and gals,

A bit of background first:

We need to move a few users from their existing AD user account to a brand new AD user account - the accounts will have different names/UIDs
We will be on the same domain, so no binding will need to be done
We will have the users log in with their new account and enable themselves for FV2 before any data gets moved

We want to script a way to provide a Self Service method (when logged in as the local admin account) to move users data from their old account into their new account. This will probably involve the following:

Deleting the new user accounts user directory (rm -Rf /Users/newuser)
Changing the name of the old home directory to the new user name (probably using mv)
Changing the ownership of the renamed home directory to the new user account (chown -R newuser /Users/newuser)

Does anyone have a script designed to do this? I don't need a complete ready-to-go product, just some idea on how to accomplish this with minimal headache. Thanks in advance!

stevewood · ‎12-17-2015

@dgreening if you rename the existing home folder to the new AD user name and change permissions, then there's no need to delete the old or have the user login and then log out of the new account.

Have user logout.
Local admin logs in and opens Self Service.
Self Service policy/script does:

mv /Users/$oldUserName /Users/$newUserName
chmod -R "$newUserName" /Users/$newUserName

Local admin logs out
User logs in with new account info.

That should be all you need to do.

stevewood · ‎12-17-2015

Thinking about it a little more, how are you going to get the new account info? And are you really going to have an administrator go around to each user's machine to do this?

dgreening · ‎12-17-2015

Fortunately we are only talking about IT folks moving their own accounts. I am going to use CocoaDialog to prompt for the old user name and then the new user name for use in the script. We do have numbers in some of our usernames, so I need to figure out how to work around that in CocoaDialog.

stevewood · ‎12-17-2015

@dgreening I realized you mentioned FV also. If your local admin user is enabled for FV already, you do not have to have them login to enable themselves for FV either. You can script it as part of the home folder move. I used that method when I had to change AD domains last year. I utilized CocoaDialog to grab the user's password and feed that into a plist file that FV used to re-add the user to FV. You can find my script here:

Move Domains

If you need more help scripting it, just let us know.

dgreening · ‎12-18-2015

So I have the script which leverages CocoaDialog complete!

First off a BIG shout-out to Ross Derewianko who wrote the original CocoaDialog computer name changer script which this script is based on!

#!/bin/sh
########################################################################
# Created By: Daniel Greening, Sapient Corporation
# Creation Date: December, 2015 
# Last modified: December 18, 2015
# Brief Description: Changes User home from old account to new account
########################################################################

# Check for CocoaDialog and if not install it

if [ -d "/Library/Application Support/JAMF/bin/CocoaDialog.app" ]; then
    CoDi="/Library/Application Support/JAMF/bin/CocoaDialog.app/Contents/MacOS/cocoaDialog"
else
    echo "CocoaDialog.app not found installing" 
    jamf policy -event cocoa
    CoDi="/Library/Application Support/JAMF/bin/CocoaDialog.app/Contents/MacOS/cocoaDialog"
fi

########################################################################
# Functions
#######################################################################

# Cleans the first two characters out (cocoaDialog adds a 1 
 to the string value which we don't need.)

function cleannewname() {
    newname=${newname:2}
}

function cleanoldname() {
    oldname=${oldname:2}
}

# Prompts the user for their old username

function oldnameprompt() {
    oldname=`"$CoDi" standard-inputbox --float --title "Account Migration Utility" --informative-text "Enter your old AD username:"`

    if [ "$oldname" == "2" ]; then
        echo "user cancelled"
        exit 1
    fi
    cleanoldname
}   

# Prompts the user for their new username

function newnameprompt() {

    newname=`"$CoDi" standard-inputbox --float --title "Account Migration Utility" --informative-text "Enter your new AD username:"`

    if [ "$newname" == "2" ]; then
        echo "user cancelled"
        exit 1
    fi
    cleannewname
}

# Checks for a blank oldname, and if its blank prompt agian 

function checkforoldblank() {
    while [[ -z $oldname && {$oldname+1} ]]
    do
        oldnameprompt
    done
}

# Checks for blank newname, and if its blank prompt again

function checkfornewblank() {
    while [[ -z $newname && {$newname+1} ]]
    do
        newnameprompt
    done
}

# Makes the home directory changes

function homechanger() {
    rm -Rf /Users/"$newname"
    mv /Users/"$oldname"/ /Users/"$newname"
    2>/dev/null chown -R "$newname" /Users/"$newname"
}

########################################################################
# Script
########################################################################

oldnameprompt
checkforoldblank
newnameprompt
checkfornewblank
homechanger

Jamf Nation Community

Moving Home Directories - Old User to New User - Same Domain?