Jamf Nation Community

ahambidge · ‎08-21-2013

Hey guys. I have a script I wrote to use as an extension attribute to check and see if Remote Management is enabled on a machine or not. However, while it runs really well locally, it only returns 'On' when used in an extension attribute, even if I know for a fact Remote Management has been disabled.

I've included the script below. Anyone have any thoughts?

#!/bin/sh

Status=`launchctl list | grep '^d.*RemoteDesktop.*'`

if [ -z "${Status}" ]
    then echo "Off"
else
    echo "On"

fi

mm2270 · ‎08-21-2013

The script in the EA is running as root. If you do the above launchctl list command as root you get no results, Doing it as the logged in user you get "-" That's likely why its not working. sudo launchctl list and launchctl list don't look at the same launchd items.

Try getting the logged in user and use that in the below. I didn't really test this, so you'll need to try it and see it it fixes the issue

#!/bin/sh

loggedInUser=$( ls -l /dev/console | awk '{print $3}' )
Status=$( sudo -u $loggedInUser launchctl list | grep com.apple.RemoteDesktop.agent )

if [[ $Status == "-" ]] ; then
    echo "<result>On</result>"
else
    echo "<result>Off</result>"
fi

View solution in original post

bentoms · ‎08-21-2013

What about: https://jamfnation.jamfsoftware.com/discussion.html?id=1989 then?

(I might have my own version somewhere hence the confusion).

View solution in original post

talkingmoose · ‎08-21-2013

If you grep for the process "com.apple.RemoteDesktop.agent" you'll either receive this when enabled:

40689   -   com.apple.RemoteDesktop.agent

or something like this when disabled:

-   0   com.apple.RemoteDesktop.agent

According to the launchctl man page the first column is the PID, the second is the exit status (if not running) and the third is the label or name of the agent. What's important to note is you'll receive some sort of status regardless of whether ARD is enabled in the Sharing pane.

One way to get what you need is to awk for the second text item. If it's " - " then you know Remote Management is running:

#!/bin/sh

Status=$( launchctl list | grep com.apple.RemoteDesktop.agent | awk '{ print $2 }' )

if [ $Status = "-" ] ; then
    echo "On"
else
    echo "Off"
fi

ahambidge · ‎08-21-2013

talkingmoose, thanks for the script and the idea, and the script itself works. However, when I upload your script into the extension attributes area, the script still returns 'Off' instead of 'On' for a machine with it enabled. :/

talkingmoose · ‎08-21-2013

Wasn't paying attention this was an extension attribute. Are you making sure to include the result tags?

#!/bin/sh

Status=$( launchctl list | grep com.apple.RemoteDesktop.agent | awk '{ print $2 }' )

if [ $Status = "-" ] ; then
    echo "<result>On</result>"
else
    echo "<result>Off</result>"
fi

ahambidge · ‎08-21-2013

Yes, I included the results tag. For some reason it appears that it's just not processing the logic correctly? I'm not sure.

mm2270 · ‎08-21-2013

The script in the EA is running as root. If you do the above launchctl list command as root you get no results, Doing it as the logged in user you get "-" That's likely why its not working. sudo launchctl list and launchctl list don't look at the same launchd items.

Try getting the logged in user and use that in the below. I didn't really test this, so you'll need to try it and see it it fixes the issue

#!/bin/sh

loggedInUser=$( ls -l /dev/console | awk '{print $3}' )
Status=$( sudo -u $loggedInUser launchctl list | grep com.apple.RemoteDesktop.agent )

if [[ $Status == "-" ]] ; then
    echo "<result>On</result>"
else
    echo "<result>Off</result>"
fi

bentoms · ‎08-21-2013

IIRC there is an ARD Status EA Template already in the JSS.

mm2270 · ‎08-21-2013

Not that I can see. There are the ARD Fields 1 -4 EAs, but I don't see anything on our 8.71 JSS that would display the On/Off Status. There could be something here on the Nation that someone already uploaded though.

bentoms · ‎08-21-2013

What about: https://jamfnation.jamfsoftware.com/discussion.html?id=1989 then?

(I might have my own version somewhere hence the confusion).

mm2270 · ‎08-21-2013

The EA posted by pickerin on that thread should do the trick. Probably better to look for the process running with ps. Although the launchctl method is sound too, assuming the sudo -u trick actually works in an EA. Take your pick I guess.

ahambidge · ‎08-22-2013

First and foremost, thank all of you for your assistance with this. I would never have remembered that the EA scripts run as root. That perfectly explains why it wasn't working. As a bonus, both scripts work. :)

ChrisJScott-wor · ‎07-11-2017

Had to tweak mm270's script to get it to work w/ macOS 10.12:

#!/bin/sh

loggedInUser=$( ls -l /dev/console | awk '{print $3}' )
Status=$( sudo -u $loggedInUser launchctl list | grep com.apple.RemoteDesktop.agent  | awk '{ print $1 }')
echo $Status

if [[ $Status == "-" ]] ; then
    echo "<result>Off</result>"
else
    echo "<result>On</result>"
fi

Jamf Nation Community

Remote Management Active Extension Attempt