Posted on 03-21-2017 11:14 AM
We've been using macmule's method for quite some time, and it's working but it creates a lot of extra junk in our users tab from local accounts mapping to AD names.
What's the easiest method of modifying for current best practices (I believe the python method of current user is preferred now) and have it run only against AD users (if a local account is detected then bypass the script)?
Posted on 03-21-2017 01:31 PM
So, you're wanting to run a script on Mobile (AD) accounts only?
I believe all Mobile AD accounts have huge UUIDs. You could use those.
dscl . read Users/$userName | grep -i UniqueID
My Mobile Account's UniqueID is like 625,000,000
My Local Account's UniqueID is like 80
Regards,
TJ
Posted on 03-21-2017 01:41 PM
Here's the script we use to accomplish this. Only does look up for AD users.
#!/bin/bash
# Based on macmule (Ben Toms) script from MacMule.com
# CheckBinary borrowed from Rich Trouton - https://gist.github.com/rtrouton/df24a3b1162605046a9e#file-gistfile1-txt

CheckBinary (){
    # Identify location of jamf binary.
    jamf_binary=$(/usr/bin/which jamf)
    if [[ "$jamf_binary" == "" ]] && [[ -e "/usr/sbin/jamf" ]] && [[ ! -e "/usr/local/bin/jamf" ]]; then
        jamf_binary="/usr/sbin/jamf"
    elif [[ "$jamf_binary" == "" ]] && [[ ! -e "/usr/sbin/jamf" ]] && [[ -e "/usr/local/bin/jamf" ]]; then
        jamf_binary="/usr/local/bin/jamf"
    elif [[ "$jamf_binary" == "" ]] && [[ -e "/usr/sbin/jamf" ]] && [[ -e "/usr/local/bin/jamf" ]]; then
        jamf_binary="/usr/local/bin/jamf"
    fi
}

# Run the CheckBinary function to identify the location
# of the jamf binary for the jamf_binary variable.
CheckBinary

# Get the logged in users username
loggedInUser=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }')

# Check if loggedInUser is an AD account
# (variables are quoted so an unexpected console owner is passed as a single argument)
accountCheck=$(dscl . read "/Users/$loggedInUser" OriginalAuthenticationAuthority 2>/dev/null)
if [ "$accountCheck" != "" ]; then
    "$jamf_binary" recon -endUsername "$loggedInUser"
else
    exit 0
fi
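A stricter variant of the AD-only check in the script above, added here as an example and not part of any poster's reply: it rejects console owners such as root or loginwindow before calling dscl, and matches the attribute name in the output instead of testing for non-empty text. The DSCL override variable and the function names are assumptions made for illustration.

```shell
#!/bin/bash
# Added example. DSCL is a hypothetical override hook so the logic can be
# exercised with a stub; on a Mac it defaults to the real binary.
DSCL="${DSCL:-/usr/bin/dscl}"

# Accept only a plausible short name: not empty, not a system session owner,
# and free of characters that have no place in an account name.
valid_console_user() {
    case "$1" in
        ""|root|loginwindow|_mbsetupuser) return 1 ;;
        *[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    return 0
}

# Succeed only when the record really carries OriginalAuthenticationAuthority,
# the attribute the script above keys on.
is_ad_account() {
    local user="$1" out
    valid_console_user "$user" || return 1
    out=$("$DSCL" . -read "/Users/$user" OriginalAuthenticationAuthority 2>/dev/null) || return 1
    case "$out" in
        OriginalAuthenticationAuthority:*) return 0 ;;
    esac
    return 1
}

# Update the user field only for AD accounts; local accounts exit quietly.
main() {
    local user jamf
    user=$(/bin/ls -l /dev/console | /usr/bin/awk '{ print $3 }')
    is_ad_account "$user" || return 0
    for jamf in /usr/local/bin/jamf /usr/sbin/jamf; do
        if [ -x "$jamf" ]; then
            "$jamf" recon -endUsername "$user"
            return
        fi
    done
    echo "jamf binary not found" >&2
    return 1
}

# Run only where dscl is present (i.e. on a Mac).
if [ -x "$DSCL" ]; then main; fi
```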
Posted on 03-21-2017 10:47 PM
@stephanpeterson are you running that script along with a LaunchAgent or just through Jamf with login trigger?
Posted on 03-22-2017 07:57 AM
Hey @jhbush1973! I've been using it just through Jamf with login trigger, but just yesterday afternoon started finding machines that have broken loginhooks. Looking at moving to LaunchAgent with custom trigger.