Jamf Nation Community

Trying to find users that dont have a manage account. Local users that have managed accounts have a long UID and those that just have a local account are in the 502-505 range. 501 UID is the local admin that we put on with every image.

I see. So then you're using a directory service for your regular user accounts. The long UID numbers you describe are typical of either OD and AD based accounts. I don't recall where OD account UIDs start. I believe AD starts at 1000 and up. You may be better off with a command that will look through everything up to the start of your directory based accounts and excluding 501. But you can do it however you want.

here is a perl subroutine that checks for local users, and reports true, you could edit the else section and delete the accounts or whatever else if you so desire.

sub checkForLocalUsers { my $rc = 'false'; my $user_dir = '/private/var/db/dslocal/nodes/Default/users'; my $dscl_cmd = 'dscl . -read Users/'; my @userlist; opendir E, $user_dir or die "Users Directory $! "; @userlist = readdir(E); closedir E; foreach my $u (@userlist) { next if $u =~ /^_/; next if $u =~ /^./; (my $uname = $u) =~ s/.plist$//; my $newcmd = $dscl_cmd . $uname . " UniqueID"; my $uid = (split /:/, `$newcmd`)[1]; if ($uid < 501) { next; } else { $rc = 'true'; last; } } return $rc;
}