forked from talkingmoose/Jamf-Scripts
DeletedLocalUsers.sh
#!/bin/sh
<<ABOUT_THIS_SCRIPT
-----------------------------------------------------------------------
Written by: William Smith
Professional Services Engineer
Jamf
bill@talkingmoose.net
https://github.com/talkingmoose/Jamf-Scripts
Originally posted: February 21, 2017
Last updated: August 13, 2018
Purpose: Run this script as part of a Jamf Pro policy to delete
unwanted local user accounts from a Mac. The script will not affect
Active Directory mobile accounts.
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by/4.0/
"If candy is dandy but liquor is quicker, may I recommend NyQuil?"
INSTRUCTIONS
1) Log in to the Jamf Pro server.
2) In your Jamf Pro server navigate to Settings > Computer Management
> Scripts.
3) Click the " + " button to create a new script with these settings:
Display Name: Office 2016 License
Category: <your choice>
Notes: Deletes local non-mobile and non-Active Directory user accounts.
Script: < Copy and paste this entire script >
4) Save the script.
5) Add the script to a policy or run using Casper Remote.
6) Consult the Jamf Pro policy log for results of the script.
-----------------------------------------------------------------------
ABOUT_THIS_SCRIPT
# EDIT LIST: local user accounts to keep, separating them with a space
keepUsers="talkingmoose mmoose"
echo "Keeping users: $keepUsers."
# get currently logged in user
# cannot delete an active user
currentUser=$( /usr/bin/stat -f "%Su" /dev/console )
echo "Currently logged in user: $currentUser."
# create a list of local usernames (non-AD) with UIDs between 501 and 1024
userList=$( /usr/bin/dscl /Local/Default -list /Users uid | /usr/bin/awk '$2 >= 501 && $2 <= 1024 { print $1 }' )
# printf handles the newline the same way in every shell
printf 'Local non-AD users with UIDs between 501 and 1024:\n%s\n' "$userList"
while IFS= read -r aUser
do
	# skip blank entries (an empty name would target "/Users/" itself),
	# users on the keep list (whole-name match, not substring) and the logged-in user
	if [[ -n "$aUser" && " $keepUsers " != *" $aUser "* && "$aUser" != "$currentUser" ]] ; then
		/usr/bin/dscl . delete "/Users/$aUser" # comment this line to get results of the script without making changes
		echo "Deleted user: $aUser."
	fi
done <<< "$userList"
exit 0
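
The keep-list test in the loop above decides which accounts are removed, so it is worth exercising without a live directory. The following is an added example, not part of the original script: the function name `select_deletable` and the sample accounts are assumptions, and it compares whole names (a bare substring test against the keep list would also spare `moose`, because that string occurs inside `talkingmoose`).

```sh
#!/bin/sh
# Added example: the account-selection logic on its own, so it can be
# checked against sample data without calling dscl or deleting anything.

# select_deletable KEEP_LIST CURRENT_USER
# Reads "name uid" lines (the shape of `dscl /Local/Default -list /Users uid`
# output) on stdin and prints the names that would be deleted.
select_deletable() {
    keep_list=$1
    current_user=$2
    awk -v keep="$keep_list" -v cur="$current_user" '
        BEGIN {
            # Exact-match lookup table built from the space-separated keep list.
            n = split(keep, names, " ")
            for (i = 1; i <= n; i++) protected[names[i]] = 1
            if (cur != "") protected[cur] = 1
        }
        NF < 2 { next }                    # blank or malformed line: never act on it
        $2 !~ /^[0-9]+$/ { next }          # UID must be a plain number
        $2 < 501 || $2 > 1024 { next }     # same UID window as the script
        !($1 in protected) { print $1 }
    '
}

# Constructed sample input (not real accounts).
sample_users='root 0
_www 70
talkingmoose 501
mmoose 502
moose 503
tempadmin 504
consoleuser 505
svc 2000'

# Dry run: lists the accounts that would be deleted.
select_deletable "talkingmoose mmoose" "consoleuser" <<EOF
$sample_users
EOF
```
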