Populate Username via Script

New Contributor

I have a script that analyzes the `last` output and calculates the user
who's been logged into the computer the longest. This is the best way of
determining who uses the computer without manually specifying them. At
the moment, the script runs as an Extended Attribute for `jamf recon`.
What I'd like to do is take that user and populate the Casper Username
field for the computer. Is this possible? If so, can I take it a step
further and trigger the "Check Name" to get the other field values from
LDAP? Would prefer this to run with `jamf recon`, but maybe triggering a
different policy would be better. Thanks

~ Ryan


Not applicable

If you’re getting a username back from the result of your script, all you need to do is run a:

sudo jamf recon –endUsername ‘username returned from script’

That’ll fill the username field in the JSS.


Honored Contributor

You can use the –realname value to specify that.

Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420

Release Candidate Programs Tester

Hi ryan

We use a script that queries dscl for the user & additional info & then submits the values to the jss.

I'm in the uk so am not in the office, but will send once back in tomorrow.


Ben Toms

Honored Contributor

You want to populate the local/cached user accounts to a specific
machine in Casper inventory? You should be able to tie in LDAP if you
configure your server properly. I know I have spoken to Jamf Support
about this in the past but have never had time to fully integrate mine.

Otherwise, a recon script can detect the user, and add them to the
machine in inventory.


New Contributor

Not quite, using the script I created, I have a specific username. I’d like to put that username into the Casper > Computer Details > Location Information > Username field.

If you Edit a computers details, I noticed that you can click “Check Name” under the Location tab. If the username is specified, it will lookup the info from LDAP (based on the LDAP Mapping settings). That would just be a plus to populate the Real Name and such.

Mainly looking for a way to copy / populate the Computers > Location > Username based on my extended attribute / script.

~ Ryan

New Contributor

Interesting idea, but that would cause an endless loop if I add that to the Extended Attribute script (since it calls `jamf recon` again). It would work if it’s a separate policy script though.

~ Ryan

Honored Contributor

That is what I was referring to. You can have recon add in the user as
a log in hook, so it grabs the user when they log in, then adds it in.

New Contributor

Ok, I’ve finally come up with a script that is all Bash and fairly straight-forward (attached). To use the script, first edit the script and modify the ldapsearch parameters to your needs. (Note: you would need to modify the filter and such for OpenLDAP as its setup for ActiveDirectory.) Setup a Policy that will run the attached script. Then in the Advanced section of the Policy, set the Run Command to:

jamf recon -endUsername "cat /private/tmp/username.txt" -realname "cat /private/tmp/realname.txt"

Make sure the Update Inventory option is not selected in the Policy, this will cause jamf recon to run twice. Save the Policy and test it on a few computers. So far I’ve tested it on 10.4.11, 10.5.8, and 10.6.6 but more testing is needed. This will only work when the Policy is ran, not during any “jamf recon” as it’s not an extended attribute. If you find bugs or tweaks please let me know. Thanks

~ Ryan

New Contributor

FYI, I’ve updated the script to get the real name from dscl, instead of an LDAP query. Attached is the fully updated script.

realname=`dscl . -read "/Users/$username" | awk '

BEGIN {FS = ": "}

$1 ~ /RealName/ {

if ($2 == "" && (getline nextline) !~ /:/) {

gsub(/^ +| +$/, "", nextline);

print nextline;

} else {

print $2;




~ Ryan

New Contributor

Hopefully the last update. Some bug fixes with the realname lookup and logical changes with the username lookup. Not sure if anyone is interested, but it’s attached.

~ Ryan