Set username based on local user account [Mac]


Hello everyone,
When we enroll our Macs we sign in with premade account from pre-stage settings for the remote management and after that we set upp the user account for the computer. In this case the Inventory > User and Location is blank.

Does anyone know any good way/script on how to fetch the local username and have it placed in the filed for 
username in Inventory > User and location?

In about 14 days we shell enroll 550 new Macs to students. We're not too interested in updating the user information manually. 😆



This was the subject of my Jamf Nation User Conference talk a couple years ago. You may find it useful.

View solution in original post


Valued Contributor

Hi @jonros 

You can use the below script to get the current loggedin user and update the inventory. If you LDAP server configured and the username matches, all the other fields in User and Location will also be populated.  



loggedInUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
jamf recon -endUsername $loggedInUser



This looked good at start. The log for the policy that was triggered after login gave me the following.Skärmavbild 2023-08-17 kl. 16.05.25.png

But when opening the computer the User and Location is still empty.


This was the subject of my Jamf Nation User Conference talk a couple years ago. You may find it useful.

Thanks a lot for that video. That was great. Can't understand I missed. :)
But when adding a username under User and Information, what if the user is not in the LDAP? Nothing special happens right?

Right. If there’s nothing to look up in LDAP, then only the username is populated and nothing else.

Now I've deployed the script on site 1 of 3, 10 computer out of 143 completed successfully of far. :) Nice to see the result after weekend or in the end of next week.
Thanks once again.

Tried your script to fetch and insert the username yesterday and it worked fine. Thought I should try a little bit more before I deploy it.

Ran as a policy

#! /bin/zsh

lastUser-$(/usr/bin/defaults read /Library/Preferences/loginwindow.plist lastUserName )

/usr/local/bin/ jamf recon -endUsername "$lastUser"

Now it fails and I get the following.

1. Executing Policy Add username

2. Running script add_username...

3. Script exit code: 126

4. Script result: 2023-08-18 13:05:00.242 defaults[869:7293] 
The domain/default pair of (/Library/Preferences/loginwindow.plist, lastUserName) does not exist
/Library/Application Support/JAMF/tmp/add_username:3: command not found: lastUser-
/Library/Application Support/JAMF/tmp/add_username:5: permission denied: /usr/local/bin/

5. Error running script: return code was 126.

The thing is that in the first test the computer was reinstalled and used for the first time.
When I after that set up som more accounts on the computer to try with by switching login, it failed after login with the other accounts. For the moment I'm reinstalling the computer to try it once again with just one account after the installation is complete.

Valued Contributor

Just a heads up that by doing this, your end-user account won't be MDM-enabled, which will mean you won't be able to deploy user-level MDM profiles to these Macs. I'm assuming it's not a requirement in your environment, but better safe than sorry.


Thank you all for the information. I'll take a look at of it when time is given :)