Skip to main content
Solved

Setting a specific user for remote management

salmon
Forum|alt.badge.img+9

I want to create a policy that will set a specific user that can access Remote Management on our managed computers. Used 6 different scripts I found here and they all seem to set Remote Login with Only these users (and there is no one in the user list).
Here is the latest from Apple's latest ARD (3.9)
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users specificuser -privs -all -restart -agent -menu

If I run this on the laptop in Terminal it does select Remote Management, but if I run this as a script, it will select Remote Login. The first time I ran it in Terminal low and behold the specificuser showed up. The next time I tested it in command line the Only Allow These Users had no name in it.
That is what I am experiencing with ALL the scripts running as a policy script. None populate the specificuser and all activate only remote login. I am new to using scripts in JSS so if I miss something obvious just slap me.

Peace,
Tom

Best answer by ryan_ball

This is what I've got:

privs="-DeleteFiles -ControlObserve -TextMessages -OpenQuitApps -GenerateReports -RestartShutDown -SendFiles -ChangeSettings"

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -access -on -privs $privs -users $targetUsername

From: https://www.jamf.com/jamf-nation/third-party-products/files/217/enableard-sh-enable-ard-and-configure-remote-management-settings

View original
Did this topic help you find an answer to your question?

6 replies

A
Forum|alt.badge.img+5
  • Aguiness
  • Contributor
  • 30 replies
  • August 13, 2018

Hi
I have done this recently as long as you specify the user in the script it will work
I usually create the user then enable th user for ARD in. The same script

salmon
Forum|alt.badge.img+9
  • salmon
  • Author
  • Contributor
  • 22 replies
  • August 13, 2018

The user is already on the device and in the script I think I specify the user (i called specifiuser). Am I doing something wrong?

R
Forum|alt.badge.img+18
  • ryan_ball
  • Contributor
  • 475 replies
  • Answer
  • August 13, 2018

This is what I've got:

privs="-DeleteFiles -ControlObserve -TextMessages -OpenQuitApps -GenerateReports -RestartShutDown -SendFiles -ChangeSettings"

/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -access -on -privs $privs -users $targetUsername

From: https://www.jamf.com/jamf-nation/third-party-products/files/217/enableard-sh-enable-ard-and-configure-remote-management-settings

S
M
K
3 people like this
  • S
    SlidewaysF30
  • M
    MikeMcD
  • K
    Ke_ReM
salmon
Forum|alt.badge.img+9
  • salmon
  • Author
  • Contributor
  • 22 replies
  • August 14, 2018

I modified yours slightly (added the definition for the use name), but it got me the most successes. Again a little strange behavior, at first the name did not show up yet all the settings did. Then as I was rebooting and checking to see if anything was causing issues or blocking the script, the name showed up. So, I will give you the Solved. Thank you for your help.
Peace,
Tom

D
Forum|alt.badge.img+4
  • diegogut90
  • Contributor
  • 17 replies
  • June 3, 2019

@salmon Can you post the script here, I'm trying to do the same but I'm not getting any success. thanks

salmon
Forum|alt.badge.img+9
  • salmon
  • Author
  • Contributor
  • 22 replies
  • June 3, 2019

Yikes....I will look at my scripts and will post. That was a year ago! My mind is mush.

Reply


Most helpful members this week

Terms & ConditionsCookie settingsAccessibility statement

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings