Help

Need to deploy a defaults script to my users

Go to solution
TheHoff
New Contributor III

Posted on ‎05-31-2023 02:36 AM

I am trying to figure out how to deploy a script to our users that deregisters the O365 suite. On the Microsoft site I have found the following Terminal command:

defaults write com.microsoft.Word ResetOneAuthCreds -bool YES

This works like a charm when I run it locally, but when I try to run it through Jamf (selfService) it gives no result. I think this might be because the script through Jamf does not run as the logged in user.

This is what I have sofar:

#!/bin/bash
#Remove all Microsoft users
defaults write com.microsoft.Word ResetOneAuthCreds -bool YES

hoping there is someone that can point me in the right direction here.

0 Kudos
Reply
1 ACCEPTED SOLUTION

Go to solution
TheHoff
New Contributor III

‎05-31-2023 05:21 AM - edited ‎05-31-2023 05:22 AM

Managed to solve it myself with the help of ChatGPT. Did not know about the $USER possibility of sudo.

To send the defaults write command through Jamf to run as the local user, you can create a Jamf policy with a script payload that utilizes the sudo command to execute the command as the current user. Here's how you can achieve this:

#!/bin/bash
#Remove all Microsoft users
sudo -u $USER defaults write com.microsoft.Word ResetOneAuthCreds -bool YES

When the policy is executed on the devices, the script payload will run the specified defaults write command using sudo -u $USER, which runs the command as the current user.

 

View solution in original post

0 Kudos
Reply
3 REPLIES 3

Go to solution
sdagley
Esteemed Contributor II

Posted on ‎05-31-2023 05:12 AM

@TheHoff If you're looking to remove the Office license(s) from a Mac you can use the License Reset Package from https://office-reset.com/macadmins/ (that site and the removal tool were created by @pbowden from Microsoft)

Reply

Go to solution
TheHoff
New Contributor III

‎05-31-2023 05:21 AM - edited ‎05-31-2023 05:22 AM

Managed to solve it myself with the help of ChatGPT. Did not know about the $USER possibility of sudo.

To send the defaults write command through Jamf to run as the local user, you can create a Jamf policy with a script payload that utilizes the sudo command to execute the command as the current user. Here's how you can achieve this:

#!/bin/bash
#Remove all Microsoft users
sudo -u $USER defaults write com.microsoft.Word ResetOneAuthCreds -bool YES

When the policy is executed on the devices, the script payload will run the specified defaults write command using sudo -u $USER, which runs the command as the current user.

 

0 Kudos
Reply

Go to solution
sdagley
Esteemed Contributor II
In response to TheHoff

‎05-31-2023 05:33 AM - edited ‎05-31-2023 05:48 AM

@TheHoff Using $USER to find the current user is not recommended. See the following article for a discussion on the preferred mechanism to run a process as the logged in user on macOS: https://scriptingosx.com/2020/08/running-a-command-as-another-user/

0 Kudos
Reply