Tag: scripts
-
Script to find application architectures on your Mac
Apple has once again switched architectures. It used to be a switch from PowerPC to Intel. Now it is a switch from Intel to Apple Silicon. Vendors are in the process of switching from releasing Intel only or separate Intel and Silicon binaries to releasing universal binaries (that will work on both Intel and Silicon),…
-
Updates to the AutoPkgReviewAndRun.py script
3.5 years ago, I created a script to automate running AutoPkg recipes while also verifying trust info and prompting the user to approve or deny any changes. With some prompting from some folks on the #autopkg channel of the MacAdmins Slack, I made a few changes to the script: You can now run the script…
-
Running daily, weekly, and monthly scripts in macOS using periodic
Background I was looking for time-based project similar to Outset (which runs boot and login scripts stored in various directories), and apparently there’s one already baked into macOS that will run daily, weekly, and monthly scripts. Shoutout to @elios on the MacAdmins Slack for letting me know about periodic Launch Daemons If you run sudo…
-
Python script to list software available in a Munki repo
I created a small project (for fun) to list out software available in a Munki repo. It’s called MunkiItemsList. On a basic level, it looks for all the items that are listed in any optional installs manifest, and then lists out the display name, description, and highest version available. There are some additional options described…
-
Python 3 script to add optional installs to the SelfServeManifest
Two years ago, I wrote a bash script that adds a bunch of optional installs to the SelfServeManifest using /usr/libexec/PlistBuddy, which is a fine tool, but it can get bit messy sometimes. I did play around with using /usr/local/munki/manifestutil, but it got a bit convoluted, and I figured “Hey, why not just write it in…
-
TCC in Mojave doesn’t prevent deleting local folders for AD-bound Macs
Note: We’re currently using a setup of Force local home directory on startup disk for AD-bound Macs instead of Create mobile account at login or Use UNC path from Active Directory to derive network home location—so if you’re using either of those other options, your mileage may vary—definitely do some testing! This is also as…
-
Use the command-line to set a firmware password on macOS
For extra security, you can add a firmware password to Macs, especially since Find My Mac is essentially useless (unlike for iPads, which have an activation lock preventing thieves from reactivating the iPad after a factory reset) and DEP-to-MDM enrollments for Macs can even be avoided by thieves if they’re resourceful enough. If you have…
-
Using an Outset boot-every script to add default applications via Munki
In Bash script to add optional installs for Munki, I introduced a script that uses PlistBuddy to add optional install items to the client machine’s SelfServeManifest. I thought at first I could use that as a boot-once script for Outset, but it seemed the script ran too early (actual first boot) and then didn’t actually…
-
Using Munki to rename computers based on manifest display name, user, or notes
There may be some Mac admins who don’t really care that much about computer names. After all, especially if the computer isn’t joined to the domain (many of our machines are not), what does it matter? It’s the name that will show up in Sharing or in the Terminal.app few users use. If you do…
-
Create a Mac favorite/bookmark desktop shortcut with a script
If you want to create a bookmark for a webpage using a script (which, for example, you can run at user login), just create a script with this code: /usr/libexec/PlistBuddy -c “add :URL string ‘http://YOURWEBSITE.COM‘” ~/Desktop/BOOKMARK.webloc Just substitute in the actual website you want for YOURWEBSITE.COM and the actual name of the desktop short for…
-
Terminal command to get the full name of a Mac user
Munki-Enroll is a great little script combo that automatically changes the ClientIdentifier for Munki clients and then automatically creates a corresponding manifest on the Munki server that includes the old manifest. I wanted to tweak it quite a bit to fit some of the quirks of how our organization does Munki client manifests, so I…
-
Putting Dockutil add/removes in arrays in Bash
Most of the time when you see scripts using Dockutil to add and/or remove items from the Dock in Mac OS X, they look like this: /usr/local/bin/dockutil –add ‘/Applications/NAMEOFAPP1.app’ –no-restart /usr/local/bin/dockutil –add ‘/Applications/NAMEOFAPP2.app’ –no-restart /usr/local/bin/dockutil –add ‘/Applications/NAMEOFAPP3.app’ –no-restart /usr/local/bin/dockutil –add ‘/Applications/NAMEOFAPP4.app’ –no-restart /usr/local/bin/dockutil –add ‘/Applications/NAMEOFAPP5.app’ –no-restart /usr/local/bin/dockutil –add ‘/Applications/NAMEOFAPP6.app’ –no-restart /usr/local/bin/dockutil –add ‘/Applications/NAMEOFAPP7.app’ –no-restart That’s…
-
Checking folder/file creation time using bash on Mac OS X
Why would you want to check the folder/file creation time in Mac OS X? Outset allows you to run login scripts at every login or only once per user. The way Outset keeps track of whether a script has been run for a user or not is in a .plist at /Users/username//Library/Preferences/com.github.outset.once.plist with the name…
-
Condition Scripts for Munki
If you’ve been using Munki for a while, you probably already know about conditional items that allow you add items to optional installs, managed installs, etc. based on a condition like whether the client is a laptop or a desktop, or whether the client is running 10.10 or 10.11. But you can also create your…
-
Creating a Munki nopkg for Remote Management
When are nopkg items in Munki appropriate? Greg Neagle (author of and primary developer on Munki) makes a good point that in most cases, a real .pkg (instead of a nopkg) is the best choice, because of versioning and receipts. One thing that nopkg items in Munki are good for, though, is checking to make…