Posted on 09-20-2010 10:01 AM
I see in the Resource Kit an excellent tool/script for enabling ARD on
a machine. What I'm looking for is a way to determine whether a user
has disabled ARD.
I see "Remote Login" as an option in the Extensions Attributes
templates, but my understanding has always been that "Remote Login"
refers to SSH, while "Remote Management" refers to ARD.
Does anyone have an Extension Attribute for gathering the ARD status
of machines?
I could, of course, create an "always-on" policy that constantly sets
ARD status on every machine during policy check-in using the
enableARD.sh script, but this is overkill and would strain the server
constantly. I just need to know who has ARD turned off.
Any ideas?
Thanks,
Damien Barrett
System Technician
Montclair Kimberley Academy
973-842-2812
Posted on 04-04-2013 01:14 PM
Gonna bump this up, has anyone seen a way to gain a computer's ARD status? I'd love to be able to put that through an EA and then make the correct adjustments to those computers.
Posted on 04-04-2013 06:02 PM
Here's what I use:
Extension Attribute to Determine current ARD Status:
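#!/bin/sh
# Count ARDAgent processes; the [Aa] bracket keeps grep from matching itself.
mvar=$(ps ax | grep -c -i "[Aa]rdagent")
# One or more ARDAgent processes means Remote Management is running.
if [ "$mvar" -ge 1 ]; then
    echo "<result>Running</result>"
else
    echo "<result>Not Running</result>"
fi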
Extension Attribute for currently defined Admins for ARD:
#!/bin/sh

# Determines if the Remote Management settings are set
# for "All Users" or for "Only these users:" in System
# Preferences' Sharing preference pane
ARD_ALL_LOCAL=$(/usr/bin/defaults read /Library/Preferences/com.apple.RemoteManagement ARD_AllLocalUsers)

# Lists all local user accounts on the Mac with a UID
# of greater or equal to 500 and less than 1024. This
# should exclude all system accounts and network accounts
#
# List is displayed if the "All Users" setting is
# set in the Remote Management settings.
ALL_ID500_PLUS_LOCAL_USERS=$(/usr/bin/dscl . list /Users UniqueID | awk '$2 >= 500 && $2 < 1024 { print $1; }')

# Lists all user accounts on the Mac that have been given
# explicit Remote Management rights. List is displayed if
# the "Only these users:" setting is set in the Remote
# Management settings.
REMOTE_MANAGEMENT_ENABLED_USERS=$(/usr/bin/dscl . list /Users naprivs | awk '{print $1}')

if [ "$ARD_ALL_LOCAL" = "1" ]; then
    result=$ALL_ID500_PLUS_LOCAL_USERS
elif [ "$ARD_ALL_LOCAL" = "0" ]; then
    result=$REMOTE_MANAGEMENT_ENABLED_USERS
fi

# Displays list of accounts that have
# been given Remote Management rights
echo "<result>$result</result>"
I then have a policy that if either ARD is not running, or the admins are incorrect, I fix it. Runs once a day.
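The daily check described in the post above (ARD not running, or the admin list not matching what is expected) can be expressed as a single comparison against an approved list. This is an added example, not part of the original thread: the function names, the approved account names, and the sample `ps` and user data are constructed for illustration.

```shell
#!/bin/sh
# Approved Remote Management accounts (constructed sample values).
APPROVED_ARD_ADMINS="ladmin helpdesk"

# Constructed sample input: `ps ax` lines and the account list the EA reports.
SAMPLE_PS='  101 ??  Ss  0:00.10 /usr/sbin/sshd
  312 ??  S   0:01.22 /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent'
SAMPLE_USERS='ladmin
student1'

# not_in LIST_A LIST_B: print the names in LIST_A that are absent from LIST_B.
# Lists may be separated by spaces or newlines (dscl output is one per line).
not_in() {
    out=""
    for name in $1; do
        case " $(echo $2) " in
            *" $name "*) ;;
            *) out="$out $name" ;;
        esac
    done
    echo $out
}

# ard_compliance PS_OUTPUT REPORTED_USERS: print one status line.
ard_compliance() {
    # [A] keeps a live `ps ax | grep` from matching grep's own command line.
    if ! printf '%s\n' "$1" | grep -q -i '[A]RDAgent'; then
        echo "Not Running"
        return 0
    fi
    unexpected=$(not_in "$2" "$APPROVED_ARD_ADMINS")
    missing=$(not_in "$APPROVED_ARD_ADMINS" "$2")
    if [ -z "$unexpected" ] && [ -z "$missing" ]; then
        echo "Compliant"
    else
        echo "Drift: unexpected=${unexpected:-none} missing=${missing:-none}"
    fi
}

# Demo on the constructed data, wrapped the way an extension attribute reports.
echo "<result>$(ard_compliance "$SAMPLE_PS" "$SAMPLE_USERS")</result>"
```

On a managed Mac, the two arguments would be `"$(ps ax)"` and the `result` value computed by the second script above.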
Posted on 04-04-2013 11:53 PM
@pickerin - thanks for sharing! I copied those into my system too - good information to have!
Posted on 08-21-2013 10:45 AM
Oops wrong post.
Posted on 10-13-2016 11:50 AM
Thanks for this. I got the ARD extension attribute working, but it's not always reporting correct information.
I have some computers with ARD off even though the extension attribute is reporting it on. Is there any way to force the extension attribute to update?