Jamf Nation Community

ddadomo · ‎10-24-2017

I apologize if these questions seem simple but I am still pretty new to scripting and to using JAMF.

My organization needs to whitelist several domains in Google to allow for Single Sign On. Running the script below while logged in as the user will add the sites:

defaults write com.google.Chrome AuthServerWhitelist ".example.com"
defaults write com.google.Chrome AuthNegotiateDelegateWhitelist ".example.com"

Obviously, *.example.com gets replaced with the sites we need added.

Below is the script we have tried using through JAMF:

!/bin/sh

Get the logged in username

loggedInUser=$(stat -f%Su /dev/console)

Run command as user

sudo -u $loggedInUser /usr/bin/defaults write /Users/$loggedInUser/Library/Prefences/com.google.Chrome AuthServerWhitelist ".example.com"
sudo -u $loggedInUser /usr/bin/defaults write /Users/$loggedInUser/Library/Prefences/com.google.Chrome AuthNegotiateDelegateWhitelist ".example.com"

The settings are not being written to the file after the script runs. I have done some research about running the script as the user and have had no luck finding a solution.

Any suggestions are greatly appreciated.

Thanks,

Dante

cbrewer · ‎10-24-2017

No need to run your script as the logged in user. Just run it with a login trigger, use $3 for the current user and then chown the file when you're done.

#!/bin/bash

defaults write /Users/$3/Library/Preferences/com.google.Chrome.plist AuthServerWhitelist "*.example.com"
chown $3 /Users/$3/Library/Preferences/com.google.Chrome.plist

donmontalvo · ‎10-24-2017

Configuration Profile is mucho bueno for this kind of thing.

--
https://donmontalvo.com

Report Inappropriate Content · ‎10-25-2017

We did it with Configuration Profile with custom payload, uploading a PLIST.

Script to modify com.google.Chrome to add site exceptions

!/bin/sh

Get the logged in username

Run command as user