Purge Users

IT-Chris
New Contributor III

Does anyone have a script that will purge users?
Had one that works with 10.15 and below, but on Big Sur it no longer works.

Thanks!

5 REPLIES

mooler
New Contributor III

This thread helped me out on this issue, maybe it will help you out as well.

link text

IT-Chris
New Contributor III

@mooler thanks, but with Big Sur things have changed. Those scripts work, but now you need direct access to su root for the rm command to be used on folders in the /Users folder.

Has to be a way to get this done.

mooler
New Contributor III

@pranzinic You are absolutely right, didn't read carefully enough. Big Sur is the exception to this script.

PaulHazelden
Valued Contributor

Lateral thinking. You could try this...
You will need
Your script
A second script to delete the file
A watched file
A LaunchDaemon
Maybe a temp file or 2 to pass information across between the 2 scripts.
In your script, when you want to delete the file, put in a touch /path/to/watched/file, then pause for 10 seconds. Set the LaunchDaemon to watch that file, and when it sees the touch it will run the delete script. I have used temp files to pass information between the 2 scripts like usernames etc. The script run by the Daemon will be run locally as root. Had success in the past with troublesome folders in Users accounts by using this method. Just remember to leave the watched file alone, or the Daemon will run.

Not saying it will work. But it is using Apple methodology locally on the Mac rather than something from an MDM or some other source.

Daemon: something along these lines

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.unique.daemon.name</string>
    <key>ProgramArguments</key>
    <array>
        <string>/path/to/daemon/script.sh</string>
        <string>-argument</string>
    </array>
    <key>WatchPaths</key>
    <array>
        <string>/path/to/watched/file</string>
    </array>
</dict>
</plist>

Watching this file: /path/to/watched/file
Runs as root this script: /path/to/daemon/script.sh
If you have specific info, like a username to pass, then echo "$variable" > /to/a/temp/location/file. Then in the Daemon script newvar=$(cat /to/a/temp/location/file). Now use "$newvar" in the Daemon script.

Your main script will then need

/usr/bin/touch /path/to/watched/file
/bin/sleep 10

Put this in where you would have the rm command, and the Daemon should handle that for you.
For some strange reason I found more success with rm -Rfv
Not a clue why verbose would be more successful, but whatever works.

Not tested or even tried this in Big Sur. The basic method does work, of touching a watched file to launch a Daemon.
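
A hardened take on the root-side daemon script from the post above, as an added example that is not PaulHazelden's code: because the daemon runs `rm -Rf` as root on a name read from a file, it checks the handoff file and the target before deleting anything. The function names, the `--run` argument, the never-delete list and the root-only handoff path are assumptions made for illustration.

```bash
#!/bin/bash
# Root-side script for the WatchPaths daemon (added example; names are hypothetical).
HANDOFF="${HANDOFF:-/path/to/root-only/dir/handoff}"   # placeholder path
USERS_DIR="${USERS_DIR:-/Users}"

# Trust the handoff file only if it is a regular file, not a symlink, owned by
# the user running this script (root under launchd), and not group/world writable.
handoff_is_trusted() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] && [ -O "$f" ] || return 1
    [ -z "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# Print the resolved home directory for a short name, or fail.
resolve_target() {
    name=$1
    case $name in
        ''|.*|-*|*[!A-Za-z0-9._-]*) return 1 ;;   # empty, dotfile/.., option-like, or odd chars
        Shared|Guest|root) return 1 ;;            # assumed never-delete list
    esac
    base=$(cd -P "$USERS_DIR" 2>/dev/null && pwd -P) || return 1
    [ -d "$USERS_DIR/$name" ] && [ ! -L "$USERS_DIR/$name" ] || return 1
    real=$(cd -P "$USERS_DIR/$name" 2>/dev/null && pwd -P) || return 1
    [ "$real" = "$base/$name" ] || return 1       # must sit directly under USERS_DIR
    printf '%s\n' "$real"
}

purge_from_handoff() {
    handoff_is_trusted "$HANDOFF" || { echo "untrusted handoff file" >&2; return 1; }
    IFS= read -r name < "$HANDOFF" || [ -n "$name" ] || return 1
    target=$(resolve_target "$name") || { echo "rejected: $name" >&2; return 1; }
    rm -Rf -- "$target"
}

# launchd passes --run (assumed, in place of the post's -argument placeholder).
if [ "${1:-}" = "--run" ]; then purge_from_handoff; fi
```

The watched file and the handoff file should both live in a directory only root can write to, since any account able to touch the watched file can trigger the daemon.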

IT-Chris
New Contributor III

I have been using jamf DeleteAccount DeleteHomeDir and it works at times. I find myself working on a few machines, go back later to run it again, and then it fails with can't remove the /Users/HomeFolder.

It does remove the user account, just not the home folder. If I remove the deleteHomeDir it will create a deleted users folder and tell me that it is making a dmg, but never does. I'll try the v and see what happens.

@PaulHazelden