Posted on 04-11-2014 11:00 AM
I need your help, the answers on JAMF Nation to similar issues are not working. I have an application that I need to update called Tunnelblick (an open source VPN app). Once you update the app, it requires admin privileges on first launch to change system settings. I am trying to elevate my users to admin temporaily using the dseditgroup -o edit -a $loggedInUser -t user admin I have tried this as a shell script and run command from the advanced tab when creating a policy. I have also tried $CurrentUser in the syntax and tried using quotes. I am just not that good with shell scripts. My predicament is the fact that all my users are local to each machine with different names, and no directory services. What am I doing wrong with the script? It works if I input a single users name into the syntax but I need it to work for the current user on 110+ systems.
This is such an emergency because of the Heart Bleed ssl vulnerability. Once I get this to work. I can push the app to theirs systems and give them 5 minutes to launch the app for the first time before invoking a restart which would trigger another policy on reboot to remove admin privileges.
All systems are running 10.8.5
Thank you all in advance for your help
Posted on 04-11-2014 11:17 AM
Hi you may want to check out this article https://jamfnation.jamfsoftware.com/discussion.html?id=1296
As they recommend in that article
ls -l /dev/console | cut -d " " -f 4and then refer to it with $CurrentUser
Posted on 04-11-2014 11:54 AM