Running apps or commands once on a newly created profile

jhuls
Contributor III

This is probably staring me right in the face but does anyone have a solution for launching specified commands or applications the first time an account logs in and the profile is created? It's important that this only applies to new profiles created so it would have to ignore existing account profiles.

4 REPLIES 4

mm2270
Legendary Contributor III

Well, technically the "once per user per computer" frequency option along with the "login" trigger will do this. This option was introduced in 9.8. See here. Prior to that, it was once per user (across all computers)
Just a note that you need to have the Login/Logout Hooks options enabled in your JSS for your Macs.

ShaunRMiller83
Contributor III

If you are using Casper 9.8 or higher.

You can set a trigger for "Once Per User Per Computer" and then set an execute command (under the Files and Processes menu) open -a (pathtoapplication).

Granted I can think of some "gotchas" but generally speaking I think that should do what your asking for.

jhuls
Contributor III

Wouldn't those apply to all users on a system whether the profile has been created or not?

mm2270
Legendary Contributor III

Well, actually yes, you're right. That will take place on each Mac once per account on next login. Are you saying you only want this to apply to brand new accounts, not any existing ones?

If so, thats a little tougher. You might need to do something with a more full on scripted process.
Just thinking off the top of my head here, what I might do is the following:

Create a policy either using a script or package or DMG (with FEU only enabled) that creates a hidden file within each existing user account on all your Macs as they are today. So, for example, it could be a simple preference file in the ~/Library/Preferences/ location, or a hidden file at the top of each user account's directory path.
Deploy out this policy and let it hit each machine. The DMG with FEU option enabled might actually be the easiest approach for this.

Then create a script that runs that first checks to see if this file exists. If it doesn't, run whatever commands you had intended above, or launch applications, etc. When done, you can have it (optionally) create the file it was looking for to ensure it knows it has run on this user account before.
If the file is there, simply exit instead.

Create a policy that uses this script and use "once per user per computer" as the frequency and "login" as the trigger. Make sure to use All computers as the scope.
The policy will still run at login on each account, but instead of just running the command, it will run the script, which would determine if it needs to run the command and do it if needed. Otherwise it will exit. Since you're using "once per user per computer", it won't run again for that account regardless.