Skip to main content
Solved

Remote Management Active Extension Attempt

  • August 21, 2013
  • 11 replies
  • 36 views
A
Forum|alt.badge.img+9

Hey guys. I have a script I wrote to use as an extension attribute to check and see if Remote Management is enabled on a machine or not. However, while it runs really well locally, it only returns 'On' when used in an extension attribute, even if I know for a fact Remote Management has been disabled.

I've included the script below. Anyone have any thoughts?

#!/bin/sh

Status=`launchctl list | grep '^d.*RemoteDesktop.*'`

if [ -z "${Status}" ]
    then echo "Off"
else
    echo "On"

fi

Best answer by mm2270

The script in the EA is running as root. If you do the above launchctl list command as root you get no results, Doing it as the logged in user you get "-" That's likely why its not working. sudo launchctl list and launchctl list don't look at the same launchd items.

Try getting the logged in user and use that in the below. I didn't really test this, so you'll need to try it and see it it fixes the issue

#!/bin/sh

loggedInUser=$( ls -l /dev/console | awk '{print $3}' )
Status=$( sudo -u $loggedInUser launchctl list | grep com.apple.RemoteDesktop.agent )

if [[ $Status == "-" ]] ; then
    echo "<result>On</result>"
else
    echo "<result>Off</result>"
fi

    11 replies

    talkingmoose
    Forum|alt.badge.img+36
    • talkingmoose
    • Community Manager
    • August 21, 2013

    If you grep for the process "com.apple.RemoteDesktop.agent" you'll either receive this when enabled:

    40689   -   com.apple.RemoteDesktop.agent

    or something like this when disabled:

    -   0   com.apple.RemoteDesktop.agent

    According to the launchctl man page the first column is the PID, the second is the exit status (if not running) and the third is the label or name of the agent. What's important to note is you'll receive some sort of status regardless of whether ARD is enabled in the Sharing pane.

    One way to get what you need is to awk for the second text item. If it's " - " then you know Remote Management is running:

    #!/bin/sh

Status=$( launchctl list | grep com.apple.RemoteDesktop.agent | awk '{ print $2 }' )

if [ $Status = "-" ] ; then
    echo "On"
else
    echo "Off"
fi
    A
    Forum|alt.badge.img+9
    • ahambidge
    • Author
    • Contributor
    • August 21, 2013

    talkingmoose, thanks for the script and the idea, and the script itself works. However, when I upload your script into the extension attributes area, the script still returns 'Off' instead of 'On' for a machine with it enabled. :/

    talkingmoose
    Forum|alt.badge.img+36
    • talkingmoose
    • Community Manager
    • August 21, 2013

    Wasn't paying attention this was an extension attribute. Are you making sure to include the result tags?

    #!/bin/sh

Status=$( launchctl list | grep com.apple.RemoteDesktop.agent | awk '{ print $2 }' )

if [ $Status = "-" ] ; then
    echo "<result>On</result>"
else
    echo "<result>Off</result>"
fi
    A
    Forum|alt.badge.img+9
    • ahambidge
    • Author
    • Contributor
    • August 21, 2013

    Yes, I included the results tag. For some reason it appears that it's just not processing the logic correctly? I'm not sure.

    mm2270
    Forum|alt.badge.img+24
    • mm2270
    • Legendary Contributor
    • Answer
    • August 21, 2013

    The script in the EA is running as root. If you do the above launchctl list command as root you get no results, Doing it as the logged in user you get "-" That's likely why its not working. sudo launchctl list and launchctl list don't look at the same launchd items.

    Try getting the logged in user and use that in the below. I didn't really test this, so you'll need to try it and see it it fixes the issue

    #!/bin/sh

loggedInUser=$( ls -l /dev/console | awk '{print $3}' )
Status=$( sudo -u $loggedInUser launchctl list | grep com.apple.RemoteDesktop.agent )

if [[ $Status == "-" ]] ; then
    echo "<result>On</result>"
else
    echo "<result>Off</result>"
fi
    bentoms
    Forum|alt.badge.img+35
    • bentoms
    • Hall of Fame
    • August 21, 2013

    IIRC there is an ARD Status EA Template already in the JSS.

    mm2270
    Forum|alt.badge.img+24
    • mm2270
    • Legendary Contributor
    • August 21, 2013

    Not that I can see. There are the ARD Fields 1 -4 EAs, but I don't see anything on our 8.71 JSS that would display the On/Off Status. There could be something here on the Nation that someone already uploaded though.

    bentoms
    Forum|alt.badge.img+35
    • bentoms
    • Hall of Fame
    • August 21, 2013

    What about: https://jamfnation.jamfsoftware.com/discussion.html?id=1989 then?

    (I might have my own version somewhere hence the confusion).

    mm2270
    Forum|alt.badge.img+24
    • mm2270
    • Legendary Contributor
    • August 21, 2013

    The EA posted by pickerin on that thread should do the trick. Probably better to look for the process running with ps. Although the launchctl method is sound too, assuming the sudo -u trick actually works in an EA. Take your pick I guess.

    A
    Forum|alt.badge.img+9
    • ahambidge
    • Author
    • Contributor
    • August 22, 2013

    First and foremost, thank all of you for your assistance with this. I would never have remembered that the EA scripts run as root. That perfectly explains why it wasn't working. As a bonus, both scripts work. :)

    C
    Forum|alt.badge.img+4

    Had to tweak mm270's script to get it to work w/ macOS 10.12:

    #!/bin/sh

loggedInUser=$( ls -l /dev/console | awk '{print $3}' )
Status=$( sudo -u $loggedInUser launchctl list | grep com.apple.RemoteDesktop.agent  | awk '{ print $1 }')
echo $Status

if [[ $Status == "-" ]] ; then
    echo "<result>Off</result>"
else
    echo "<result>On</result>"
fi
    Terms & ConditionsCookie settingsAccessibility statement