No subject


Thu Aug 27 03:15:02 PDT 2009 

It's easy enough with

dscl . -delete /Groups/admin GroupMembership <<username>>

However, I'd like to build in some error checking because deploy techs
will be doing this.  Basically, I'd like to take the output of:

dscl . -read /Groups/admin GroupMembership | sed -e 's/
GroupMembership://'

and check to see that the username given (passed in at $1) is present
in that list.  I've tried a case statement, but the problem with that
is that it's not matching exact strings.  So for instance, if ja12345
was in the admin group, but the command had ja1234 passed in at $1, it
would come back ok.  That should fail.  If it's successfully matched,
go ahead and run the dscl . -delete command.

You should know:  there's no standard username convention (though
we're slowly moving towards one).  Usernames may be short, may be
long, may contain upper and lowers.

Any ideas?

thanks!
---
Jared F. Nichols
Desktop Engineer, Infrastructure & Operations
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

_______________________________________________
Casper mailing list
Casper at list.jamfsoftware.com<mailto:Casper at list.jamfsoftware.com>
http://list.jamfsoftware.com/mailman/listinfo/casper



--_000_A2DBEBAD502F494A9C1EB0FA04BD2736llmitedu_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html><head></head><body style=3D"word-wrap: break-word; -webkit-nbsp-mode:=
 space; -webkit-line-break: after-white-space; ">True, but that could poten=
tially be more than 1 account.<div><br></div><div>I've got a bit of a work =
around until I can put in some proper error checking:</div><div><br></div><=
div><div><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3"><span=
 class=3D"Apple-style-span" style=3D"font-size: 12px;">#! /bin/sh</span></f=
ont></div><div><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3"=
><span class=3D"Apple-style-span" style=3D"font-size: 12px;"><br></span></f=
ont></div><div><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3"=
><span class=3D"Apple-style-span" style=3D"font-size: 12px;">admins=3D""</s=
pan></font></div><div><font class=3D"Apple-style-span" face=3D"Courier" siz=
e=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px;">admins=
=3D`dscl . -read /Groups/admin GroupMembership | sed -e 's/GroupMembership:=
//'`</span></font></div><div><font class=3D"Apple-style-span" face=3D"Couri=
er" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px;">=
<br></span></font></div><div><font class=3D"Apple-style-span" face=3D"Couri=
er" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px;">=
echo</span></font></div><div><font class=3D"Apple-style-span" face=3D"Couri=
er" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px;">=
echo "*********************************************"</span></font></div><di=
v><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3"><span class=
=3D"Apple-style-span" style=3D"font-size: 12px;">echo "** &nbsp; &nbsp;BE V=
ERY CAREFUL WITH THIS UTILITY &nbsp; &nbsp;**"</span></font></div><div><fon=
t class=3D"Apple-style-span" face=3D"Courier" size=3D"3"><span class=3D"App=
le-style-span" style=3D"font-size: 12px;">echo "***************************=
******************"</span></font></div><div><font class=3D"Apple-style-span=
" face=3D"Courier" size=3D"3"><span class=3D"Apple-style-span" style=3D"fon=
t-size: 12px;">echo</span></font></div><div><font class=3D"Apple-style-span=
" face=3D"Courier" size=3D"3"><span class=3D"Apple-style-span" style=3D"fon=
t-size: 12px;">echo "To quit without making changes, press Ctrl-C"</span></=
font></div><div><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3=
"><span class=3D"Apple-style-span" style=3D"font-size: 12px;">echo</span></=
font></div><div><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3=
"><span class=3D"Apple-style-span" style=3D"font-size: 12px;">echo "Current=
 admins: $admins"</span></font></div><div><font class=3D"Apple-style-span" =
face=3D"Courier" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-=
size: 12px;">echo</span></font></div><div><font class=3D"Apple-style-span" =
face=3D"Courier" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-=
size: 12px;">echo "Please enter an admin to remove (CASE SENSITIVE!): "</sp=
an></font></div><div><font class=3D"Apple-style-span" face=3D"Courier" size=
=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px;">read use=
rname</span></font></div><div><font class=3D"Apple-style-span" face=3D"Cour=
ier" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px;"=
><br></span></font></div><div><font class=3D"Apple-style-span" face=3D"Cour=
ier" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px;"=
>echo "Removing $username"</span></font></div><div><font class=3D"Apple-sty=
le-span" face=3D"Courier" size=3D"3"><span class=3D"Apple-style-span" style=
=3D"font-size: 12px;">dscl . -delete /Groups/admin GroupMembership $usernam=
e</span></font></div><div><font class=3D"Apple-style-span" face=3D"Courier"=
 size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12px;">adm=
ins=3D""</span></font></div><div><font class=3D"Apple-style-span" face=3D"C=
ourier" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-size: 12p=
x;">admins=3D`dscl . -read /Groups/admin GroupMembership | sed -e 's/GroupM=
embership://'`</span></font></div><div><font class=3D"Apple-style-span" fac=
e=3D"Courier" size=3D"3"><span class=3D"Apple-style-span" style=3D"font-siz=
e: 12px;">echo "Current admins: $admins"</span></font></div><div><font clas=
s=3D"Apple-style-span" face=3D"Courier" size=3D"3"><span class=3D"Apple-sty=
le-span" style=3D"font-size: 12px;">echo "Goodbye!"</span></font></div><div=
><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3"><span class=
=3D"Apple-style-span" style=3D"font-size: 12px;"><br></span></font></div><d=
iv><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3"><span class=
=3D"Apple-style-span" style=3D"font-size: 12px;"><br></span></font></div><d=
iv><font class=3D"Apple-style-span" face=3D"Courier" size=3D"3"><span class=
=3D"Apple-style-span" style=3D"font-size: 12px;">exit</span></font></div><d=
iv><br></div><div>j</div><div><br></div><div>
<div>---</div><div>Jared F. Nichols</div><div>Desktop Engineer, Infrastruct=
ure &amp; Operations</div><div>Information Services Department</div><div>MI=
T Lincoln Laboratory</div><div>244 Wood Street</div><div>Lexington, Massach=
usetts 02420</div><div>781.981.5436</div>
</div>
<br><div><div>On Aug 31, 2009, at 12:26 PM, Peter Gawlocki wrote:</div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><div>If the u=
sernames are not going to be similar on any particular machine &nbsp;<br>(j=
a12345, ja123456789)<br><br>You could take your input, &nbsp;ja1234 and app=
end a wildcard on the end. &nbsp;&nbsp;&nbsp;<br>Ending up with &nbsp;ja123=
4*<br><br><br>Peter<br><br><br><br><br>On Aug 31, 2009, at 12:06 PM, Nichol=
s, Jared wrote:<br><br><blockquote type=3D"cite">Hi-<br></blockquote><block=
quote type=3D"cite"><br></blockquote><blockquote type=3D"cite">Perhaps an =
=FCber script geek can lend me a hand... throwing up the bat-<br></blockquo=
te><blockquote type=3D"cite">signal...<br></blockquote><blockquote type=3D"=
cite"><br></blockquote><blockquote type=3D"cite">From the command line, I'd=
 like to remove an account's admin privs.<br></blockquote><blockquote type=
=3D"cite">It's easy enough with<br></blockquote><blockquote type=3D"cite"><=
br></blockquote><blockquote type=3D"cite">dscl . -delete /Groups/admin Grou=
pMembership &lt;&lt;username&gt;&gt;<br></blockquote><blockquote type=3D"ci=
te"><br></blockquote><blockquote type=3D"cite">However, I'd like to build i=
n some error checking because deploy techs<br></blockquote><blockquote type=
=3D"cite">will be doing this. &nbsp;Basically, I'd like to take the output =
of:<br></blockquote><blockquote type=3D"cite"><br></blockquote><blockquote =
type=3D"cite">dscl . -read /Groups/admin GroupMembership | sed -e 's/<br></=
blockquote><blockquote type=3D"cite"><a href=3D"GroupMembership://'">GroupM=
embership://'</a><br></blockquote><blockquote type=3D"cite"><br></blockquot=
e><blockquote type=3D"cite">and check to see that the username given (passe=
d in at $1) is present<br></blockquote><blockquote type=3D"cite">in that li=
st. &nbsp;I've tried a case statement, but the problem with that<br></block=
quote><blockquote type=3D"cite">is that it's not matching exact strings. &n=
bsp;So for instance, if ja12345<br></blockquote><blockquote type=3D"cite">w=
as in the admin group, but the command had ja1234 passed in at $1, it<br></=
blockquote><blockquote type=3D"cite">would come back ok. &nbsp;That should =
fail. &nbsp;If it's successfully matched,<br></blockquote><blockquote type=
=3D"cite">go ahead and run the dscl . -delete command.<br></blockquote><blo=
ckquote type=3D"cite"><br></blockquote><blockquote type=3D"cite">You should=
 know: &nbsp;there's no standard username convention (though<br></blockquot=
e><blockquote type=3D"cite">we're slowly moving towards one). &nbsp;Usernam=
es may be short, may be<br></blockquote><blockquote type=3D"cite">long, may=
 contain upper and lowers.<br></blockquote><blockquote type=3D"cite"><br></=
blockquote><blockquote type=3D"cite">Any ideas?<br></blockquote><blockquote=
 type=3D"cite"><br></blockquote><blockquote type=3D"cite">thanks!<br></bloc=
kquote><blockquote type=3D"cite">---<br></blockquote><blockquote type=3D"ci=
te">Jared F. Nichols<br></blockquote><blockquote type=3D"cite">Desktop Engi=
neer, Infrastructure &amp; Operations<br></blockquote><blockquote type=3D"c=
ite">Information Services Department<br></blockquote><blockquote type=3D"ci=
te">MIT Lincoln Laboratory<br></blockquote><blockquote type=3D"cite">244 Wo=
od Street<br></blockquote><blockquote type=3D"cite">Lexington, Massachusett=
s 02420<br></blockquote><blockquote type=3D"cite">781.981.5436<br></blockqu=
ote><blockquote type=3D"cite"><br></blockquote><blockquote type=3D"cite">__=
_____________________________________________<br></blockquote><blockquote t=
ype=3D"cite">Casper mailing list<br></blockquote><blockquote type=3D"cite">=
<a href=3D"mailto:Casper at list.jamfsoftware.com">Casper at list.jamfsoftware.co=
m</a><br></blockquote><blockquote type=3D"cite"><a href=3D"http://list.jamf=
software.com/mailman/listinfo/casper">http://list.jamfsoftware.com/mailman/=
listinfo/casper</a><br></blockquote><br></div></blockquote></div><br></div>=
</body></html>=

--_000_A2DBEBAD502F494A9C1EB0FA04BD2736llmitedu_--

More information about the Casper mailing list