[Casper] help and possible feature request, managing local users

[Thomas Larkin]

Well, where to start.... 

My environment is huge.  Over 50 buildings, over 30 servers over 6,000 clients with most of them being Macbooks.  It is a hassle to manage at times.  I am not in charge of everything nor am I management, so it puts me in a gray area at times when managing the client machines.  We have local user accounts that have been created that I want gone, however I am not sure what the names of those user accounts are.  We had a password leak and some users promoted their own accounts to admin, and I want to demote them.  We have a naming convention that starts with their graduation year.  So any user account under /Users that does not start with a number can be wiped, with one exception, the generic local account we created for local log ins just in case the network went down.  That account is called student.  I am trying to script something that will scan /Users and wipe out anything that does not start with a number.  I got some help from a bit more advanced shell scripter than myself and came up with this so far: 

#! /bin/sh 

keep="student" 

cd /Users 
[[ $(pwd) != "/Users" ]] && echo warning cd failed && exit 2 

for a in [^0-9]* ; do # only loop over names that doen't start with a number 
    [[ "$a" == "$keep" ]] && continue # skip that extra local account 
    /usr/bin/dscl . -delete /Users/$a # get rid of it 
echo 'removing user files' 

/bin/rm -rf /Users/$a 

done 

I haven't had a lot of time to test it but it basically kills everything in /Users except those that start with a number.  My next questions are, is there a Casper solution to this, and how can I demote local accounts with Casper from a local admin to a mobile or managed local user? 

Thoughts? 

Thanks for anyone brave enough to read this. 

Tom 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20081209/aa72c3b4/attachment.htm