
Createmobileaccount and add to admin using bash script.

I got a request to simplify the process of adding mobile accounts to Macs from our local techs. Their primary complaint was that the script we currently used to create mobile accounts from AD credentials was terminal based and hence confusing. Our local network is way too slow for network users to just log in, hence the necessity of adding mobile accounts. I created a bash script with interactive dialogs which would run as a policy in JAMF Self Service. All the tech would need to do is run the policy and enter the AD username for which the Mac was to be configured.
As usual, free to use as long as I'm credited.

#!/bin/bash
# createmobileuser.sh: interactive app to create mobile accounts by checking AD.
# created by tausif
# bash rather than sh: the script uses [[ ... =~ ... ]] and &> redirection.

# Exit early if this Mac is not bound to Active Directory.
checkAD=$(/usr/bin/dscl localhost -list . | grep "Active Directory")
if [ "${checkAD}" != "Active Directory" ]; then
    osascript -e 'tell application "System Events" to display dialog "This machine is not bound to Active Directory" & "\nExiting" with title "Not on CORP Domain" buttons {"OK"} default button 1 giving up after 300 with icon 0'
    exit 1
else
    # Ask the tech for the AD login ID of the user.
    activeDirectoryPrompt=$(/usr/bin/osascript << EOF
tell application "System Events" to display dialog "Please enter the user's Active Directory login ID:" default answer "CORP ID..." with title "Mobile account created" buttons {"Continue"} default button "Continue" giving up after 300 with icon note
set activeDirectoryPrompt to the text returned of result
EOF
)
    # Look up the name in the directory so the tech can confirm the right user was entered.
    # The login ID is quoted everywhere so it always reaches each command as a single argument.
    FirstName=$(/usr/bin/dscl /Search -read "/Users/$activeDirectoryPrompt" FirstName | awk '{ print $2 }')
    LastName=$(/usr/bin/dscl /Search -read "/Users/$activeDirectoryPrompt" LastName | awk '{ print $2 }')
    RealName="$FirstName $LastName"
    confirm=$(osascript -e 'tell application "System Events" to display dialog " Is the user named: '"$FirstName"' '"$LastName"' ?" with title "Please Click Yes or no" buttons {"Yes", "No"} default button "Yes" giving up after 300 with icon path to resource "AccountsPref.icns" in bundle "/System/Library/PreferencePanes/Accounts.prefPane/Contents/Resources"')
    if [[ $confirm =~ Yes ]]; then
        # Create the mobile account and log all messages; this is necessary as the command spews some weird messages.
        /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -v -n "$activeDirectoryPrompt" &>/private/var/log/mobacc.log
        # Add the account to the local admin group (full administrator rights on this Mac).
        dscl . -append /Groups/admin GroupMembership "$activeDirectoryPrompt"
        osascript -e 'tell application "System Events" to display dialog "Account created." with title "Account created." buttons {"Ok"} default button "Ok" giving up after 300 with icon path to resource "AccountsPref.icns" in bundle "/System/Library/PreferencePanes/Accounts.prefPane/Contents/Resources"'
        exit 0
    else
        osascript -e 'tell application "System Events" to display dialog "Incorrect username. Account creation has ended." with title "Incorrect Username" buttons {"Ok"} default button "Ok" giving up after 300 with icon path to resource "AccountsPref.icns" in bundle "/System/Library/PreferencePanes/Accounts.prefPane/Contents/Resources"'
    fi
fi
exit 0
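
The script hands a typed login ID to dscl and createmobileaccount and splices directory attributes into AppleScript source. The following is an added example, not part of the original script, showing one way to validate the ID before use and to pass the names to osascript as arguments instead of building the script text from them. The function names, the allowed character set and the 64-character limit are assumptions to adapt to the site's naming policy.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from the original script).

# Return 0 only if the login ID is safe to place in a dscl record path
# and to pass to createmobileaccount. Runs in a subshell so that setting
# LC_ALL=C (byte-wise ranges in the patterns) does not leak to the caller.
# Assumed policy: 1-64 characters, letters, digits, dot, underscore and
# hyphen, starting with a letter or digit.
is_valid_login_id() (
    LC_ALL=C
    case $1 in
        '' | [!A-Za-z0-9]* | *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 64 ]
)

# Show the confirmation dialog without interpolating the names into the
# AppleScript source: osascript passes trailing arguments to "on run argv",
# so a quote character in a directory attribute stays data.
# macOS only; prints the dialog result, e.g. "button returned:Yes, gave up:false".
confirm_user() {
    /usr/bin/osascript \
        -e 'on run argv' \
        -e 'tell application "System Events" to display dialog ("Is the user named: " & (item 1 of argv) & " " & (item 2 of argv) & " ?") with title "Please Click Yes or no" buttons {"Yes", "No"} default button "Yes" giving up after 300' \
        -e 'end run' \
        "$1" "$2"
}

# Intended use inside the script, after the prompt:
#   if ! is_valid_login_id "$activeDirectoryPrompt"; then
#       ... show the "Incorrect username" dialog ...
#       exit 1
#   fi
#   confirm=$(confirm_user "$FirstName" "$LastName")
```

With this check the untouched default answer "CORP ID..." is rejected as well, because it contains a space.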


Popular posts from this blog

Removing corporate wireless restrictions completely : "The policies of your network prevent the creation of ad hoc (computer-to-computer) networks. For more information, contact your system administrator."

So I was recently tasked with removing wireless restrictions from a VP's Windows 7 laptop that some infrastructure company had placed while contracted with our network, since he needed to enable setting up of ad hoc connections on his laptop and he always got

"The policies of your network prevent the creation of ad hoc (computer-to-computer) networks. For more information, contact your system administrator."


A little bit of probing revealed that ad hoc and peer-to-peer connections were blocked, as evidenced by the command netsh wlan show filter, which on an elevated command prompt revealed that the adhoc network type was blocked by group policy:

I removed the restrictions by:

1: open services.msc as administrator, scroll down to WLAN AutoConfig:

To Unlock Windows Update locked due to group policy.

Open gpedit.msc and browse to the location /Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication Settings and double click "turn off access to all windows update features" and set it to disabled.

Migrating Outlook Profile to Office 365

We had a migration from Hosted Exchange to Office 365 and I was tasked with automating the local Outlook profile migration for users:

I created a GUI utility using PowerShell which would allow users to create an Office 365 profile and set it as default. I prepared PRF files for each version of Office and an autodiscover.xml to be used for local autodiscover and uploaded them to a hosted site:

The PRF file settings for Office 365 are hard to find; I used the below entries:


;Automatically generated PRF file from the Microsoft Office Customization and Installation Wizard
;**************************************************************
; Section 1 - Profile Defaults
;**************************************************************
[General]
Custom=1
ProfileName=%UserName%-O365
DefaultProfile=Yes
OverwriteProfile=Yes
ModifyDefaultProfileIfPresent=false
;**************************************************************
; Section 2 - Services in Profile
;**************************************************************
[Service…