Report of all Local User Accounts in computer

Frank_Sonder
Contributor

We are trying to determine which computers are being shared in the company and to do so we need to know how many users there are per machine. Is there a way to report how many local user accounts per computer we have and list them? I tried some reports, scripts, etc but they only show me lastuser or duplicate computers with the same user. Thanks

Screenshot 2023-01-18 at 4.49.47 PM.png

6 REPLIES 6

McAwesome
Valued Contributor

You may actually be able to take advantage of some Jamf Connect extension attributes for this goal even if your environment isn't deploying Jamf Connect.  The one below will show you all the local accounts that are not using Jamf Connect.  Combine that with some regex filtering and you should be able to track down any machine with more than one local user account.
https://github.com/jamf/jamfconnect/blob/main/additional_extension_attributes/Look%20for%20Unmigrate... 

Actually, we are using JAMF Connect! It's not on all of our computers yet tho.
Nice I'll take a look

We use this script in our jamf connect environment, the intent is to use it to remove the jamf connect sign in post sign in so other users can't sign in against jamf connect on the same device, so the sign in is individualised, however the dscl value OIDCProvider is not added if the account was pre existing to having jamf connect connected.

Say if the device was installed with jamf connect with the existing user being the same credentials to the jamf connect account signed in. or if in abyss environment the first setup user is a mirror of credentials of the jamf connect account that would be created on sign in. Do you know if there is another location source of information for ?

teodle
Contributor II

You could also use an extension attribute for this, I believe. 

joethedsa
Contributor II

@Frank_Sonder , take a look at this thread: https://www.jamf.com/jamf-nation/discussions/18106/creating-smart-group-for-number-of-local-user-acc....

#!/bin/sh
echo "<result>$(dscl . list /Users UniqueID | awk '$2>500{print $1}' | wc -l | sed 's/^ *//g')</result>"

You can use this for an Extension Attribute.

spesh
New Contributor III

This works great, thank you! Only tidbit to mention is when using this as an Extension Attribute, I initially had the output set to String. Found it best to have the output set to integer due to the wc -l command that way you can set the EA criteria to "greater than".