Posted on 01-18-2023 06:11 AM
Hi folks,
Does anyone have a reliable method for setting MS Edge as the default browser?
I came across the below script that I added to a policy that runs once per computer, but it doesn't work half of the times and I cannot pinpoint the cause.
#!/bin/bash
###
# https://github.com/palantir/jamf-pro-scripts/blob/main/scripts/Set%20Default%20Browser%20and%20Email...
# Name: Set Default Browser and Email Client.sh
# Description: Sets default browser and email client for currently logged-in user.
# Created: 2017-09-06
# Last Modified: 2020-07-08
# Version: 1.4.3
#
#
# Copyright 2017 Palantir Technologies, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
#
###
########## variable-ing ##########
# Jamf Pro script parameter "Browser Agent String"
# Should be in the format domain.vendor.app (e.g. com.apple.safari).
browserAgentString="$4"
# Jamf Pro script parameter "Email Agent String"
# Should be in the format domain.vendor.app (e.g. com.apple.mail).
emailAgentString="$5"
loggedInUser=$(/usr/bin/stat -f%Su "/dev/console")
loggedInUserHome=$(/usr/bin/dscl . -read "/Users/$loggedInUser" NFSHomeDirectory | /usr/bin/awk '{print $NF}')
launchServicesPlistFolder="$loggedInUserHome/Library/Preferences/com.apple.LaunchServices"
launchServicesPlist="$launchServicesPlistFolder/com.apple.launchservices.secure.plist"
plistbuddyPath="/usr/libexec/PlistBuddy"
plistbuddyPreferences=(
"Add :LSHandlers:0:LSHandlerRoleAll string $browserAgentString"
"Add :LSHandlers:0:LSHandlerURLScheme string http"
"Add :LSHandlers:1:LSHandlerRoleAll string $browserAgentString"
"Add :LSHandlers:1:LSHandlerURLScheme string https"
"Add :LSHandlers:2:LSHandlerRoleViewer string $browserAgentString"
"Add :LSHandlers:2:LSHandlerContentType string public.html"
"Add :LSHandlers:3:LSHandlerRoleViewer string $browserAgentString"
"Add :LSHandlers:3:LSHandlerContentType string public.url"
"Add :LSHandlers:4:LSHandlerRoleViewer string $browserAgentString"
"Add :LSHandlers:4:LSHandlerContentType string public.xhtml"
"Add :LSHandlers:5:LSHandlerRoleAll string $emailAgentString"
"Add :LSHandlers:5:LSHandlerURLScheme string mailto"
)
lsregisterPath="/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/LaunchServices.framework/Versions/A/Support/lsregister"
########## function-ing ##########
# Exits if any required Jamf Pro arguments are undefined.
function check_jamf_pro_arguments {
jamfProArguments=(
"$browserAgentString"
"$emailAgentString"
)
for argument in "${jamfProArguments[@]}"; do
if [[ -z "$argument" ]]; then
echo ":cross_mark: ERROR: Undefined Jamf Pro argument, unable to proceed."
exit 74
fi
done
}
########## main process ##########
# Exit if any required Jamf Pro arguments are undefined.
check_jamf_pro_arguments
# Clear out LSHandlers array data from $launchServicesPlist, or create new plist if file does not exist.
if [[ -e "$launchServicesPlist" ]]; then
"$plistbuddyPath" -c "Delete :LSHandlers" "$launchServicesPlist"
echo "Reset LSHandlers array from $launchServicesPlist."
else
/bin/mkdir -p "$launchServicesPlistFolder"
"$plistbuddyPath" -c "Save" "$launchServicesPlist"
echo "Created $launchServicesPlist."
fi
# Add new LSHandlers array.
"$plistbuddyPath" -c "Add :LSHandlers array" "$launchServicesPlist"
echo "Initialized LSHandlers array."
# Set handler for each URL scheme and content type to specified browser and email client.
for plistbuddyCommand in "${plistbuddyPreferences[@]}"; do
"$plistbuddyPath" -c "$plistbuddyCommand" "$launchServicesPlist"
if [[ "$plistbuddyCommand" = *"$browserAgentString"* ]] || [[ "$plistbuddyCommand" = *"$emailAgentString"* ]]; then
arrayEntry=$(echo "$plistbuddyCommand" | /usr/bin/awk -F: '{print $2 ":" $3 ":" $4}' | /usr/bin/sed 's/ .*//')
prefLabel=$(echo "$plistbuddyCommand" | /usr/bin/awk '{print $4}')
echo "Set $arrayEntry to $prefLabel."
fi
done
# Fix permissions on $launchServicesPlistFolder.
/usr/sbin/chown -R "$loggedInUser" "$launchServicesPlistFolder"
echo "Fixed permissions on $launchServicesPlistFolder."
# Reset Launch Services database.
"$lsregisterPath" -kill -r -domain local -domain system -domain user
echo "Reset Launch Services database. A restart may also be required for these new default client changes to take effect."
exit 0
Posted on 01-18-2023 06:21 AM
I don't manage the default browser choice, but are you making sure the policy only runs when there is someone logged in?
Posted on 01-18-2023 06:59 AM
@AJPinto yes, the policy runs with the user logged in.
From the logs it looks like it's run successfully, but nothing's actually written in the plist file.
The weird thing is that this only happens half of the times and when it does, if I run the same exact policy from the Self Service, it works. 😥
Posted on 01-18-2023 10:58 AM
May want to replace line 43 which should be identifying the currently logged in user with $3 and see if that changes anything. $3 is the parameter JAMF uses to identify the logged in user.
I'd need to actually read the script as it seems to be doing a decent bit. What are the logs in JAMF when the script fails?
Posted on 01-19-2023 02:52 AM
The logs in JAMF show the same results both when it works and when it doesn't:
The policy doesn't show up as "failed", but sometimes I can see the changes in the file com.apple.launchservices.secure.plist and after a restart MS Edge is correctly set as the default browser, other times this doesn't happen and I have to manually re-run the policy from the Self Service (and at that point it works).
Posted on 01-23-2023 08:13 AM
Solved on this topic
Solved: Set Microsoft Edge as Default Browser - Jamf Nation Community - 267993
Dont forget to set the bundle ID and a reboot. See images.