Posted on 02-05-2015 06:30 AM
Hello, I am new to the Casper/Jamf world and looking for some help. I am trying to get the 30minAdminJss process working, the Make admin works fine, I am not sure how to get the Remove portion to work. Can someone help me with this?
Posted on 02-05-2015 06:49 AM
Posted on 02-05-2015 07:05 AM
Hi,
Are you using this script: https://github.com/darklordbrock/Temporary-Admin-30min/blob/master/30minAdminJss.sh
If you are you would just need to add the script to the JSS and create a self service policy for it.
The second part of the script is to add a LaunchDaemon to trigger the removal of the user from the admin group.
What are the symptoms you are seeing?
Posted on 02-05-2015 08:29 AM
Hi, davidacland, yes that is the script, I have set up the 30minAdminJss.sh with a policy and it works great, the problem is with the Remove script, I am not sure how to make this work.
Thank you
Posted on 02-05-2015 08:43 AM
Ah ok. It looks like you need to create a policy with a manual trigger called "adminremove".
In the example script there is a receipt left behind: /var/uits/userToRemove.
You just need to create a second script with the following:
#!/bin/sh
U=$(cat /var/uits/userToRemove)
# Gets the name of the user to remove
dseditgroup -o edit -d $U -t user admin
# Takes them out of the admin group
launchctl unload -w /Library/LaunchDaemons/edu.uwm.uits.brockma9.adminremove.plist
# Unloads the LaunchDaemon
rm /Library/LaunchDaemons/edu.uwm.uits.brockma9.adminremove.plist
# Deletes the LaunchDaemon
rm /var/uits/userToRemove
# Deletes the receipt file
exit 0
Add the script to the remove policy that has the manual trigger and that should do the trick.
Posted on 02-06-2015 10:10 AM
davidacland, thank you for the advice, when you say "add a policy with a manual trigger" are you referring to the "Custom" trigger?
Posted on 02-06-2015 10:16 AM
Yes that's the one.
Posted on 02-06-2015 10:18 AM
Great, thanks, I noticed the script you posted is quite a bit diff. than the one i grabbed, i will give it a try, thanks again.