#!/bin/bash
# Recreate account.sh
#
# This script is designed to remove a mobile user account and re-create
# a local account with the same username and the password from user-input.
# It will also give read/write permissions to the user's home folder.
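#Gets the short name of the currently logged in user
#NOTE(review): this needs a `python` that provides the SystemConfiguration module;
#where that is missing the lookup prints nothing and the guard below stops the run.
loggedInUser=$(python -c 'from SystemConfiguration import SCDynamicStoreCopyConsoleUser; import sys; username = (SCDynamicStoreCopyConsoleUser(None, None, None) or [None])[0]; username = [username,""][username in [u"loginwindow", None, u""]]; sys.stdout.write(username + "\n");')
#An empty name would make every later /Users/<name> path point at /Users/ itself,
#so stop here. Exit status 2 is the same "nothing to convert" status used further down.
if [[ -z "$loggedInUser" ]]; then
  echo "Could not determine the logged in user, exiting" >&2
  exit 2
fi
#printf instead of echo so a name that looks like an option is printed as-is
printf '%s\n' "$loggedInUser"
#Get loggedInUser UID
UserUID=$(dscl . -read "/Users/$loggedInUser" UniqueID | grep UniqueID: | cut -c 11-)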
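#Shows a hidden-answer dialog titled "IT" and prints what the user typed.
#Arguments: $1 - prompt text. It is spliced into the AppleScript source, so pass
#           fixed text only, never anything a user or a directory record supplied.
askHiddenAnswer() {
/usr/bin/osascript <<EOT
tell application "System Events"
activate
set myReply to text returned of (display dialog "$1" ¬
default answer "" ¬
with title "IT" ¬
buttons {"Continue."} ¬
default button 1 ¬
with hidden answer)
end tell
EOT
}

#Shows a one-button message dialog titled "IT".
#Arguments: $1 - message text (fixed text only, see askHiddenAnswer).
#osascript prints the button that was pressed; that output is discarded so the
#shell never tries to run it as a command.
showNotice() {
/usr/bin/osascript >/dev/null <<EOT
tell application "System Events"
activate
display dialog "$1" ¬
with title "IT" ¬
buttons {"Continue."} ¬
default button 1
end tell
EOT
}

#Reports a failed step of the re-creation and stops with exit status 1.
#Arguments: $1 - short description of the step that failed.
recreateFailed() {
  echo "Failed to $1 for $loggedInUser; the account record is incomplete and needs manual repair." >&2
  exit 1
}

#Exit if UID is missing, not a plain number, or under 1000 (local account)
if ! [[ "$UserUID" =~ ^[0-9]+$ ]] || [[ "$UserUID" -lt 1000 ]]; then
  echo "Not a mobile account, exiting"
  exit 2
else
  #The short name is used to build /Users/<name> for the dscl delete and the
  #recursive chown below, so refuse a name that could point them somewhere else.
  case "$loggedInUser" in
    ""|.|..|-*|*/*)
      echo "Unexpected user name, exiting" >&2
      exit 1
      ;;
  esac
  userRecord="/Users/$loggedInUser"

  #Gets the real name of the currently logged in user
  userRealName=$(dscl . -read "$userRecord" | grep RealName: | cut -c11-)
  if [[ -z "$userRealName" ]]; then
    #RealName can sit on the line after its key; take that line instead
    userRealName=$(dscl . -read "$userRecord" | awk '/^RealName:/,/^RecordName:/' | sed -n 2p | cut -c 2-)
    printf '%s\n' "$userRealName"
  fi

  #Prompts user to enter their login password, then to confirm it
  loginPassword=$(askHiddenAnswer "Please enter your login password.")
  confirmPassword=$(askHiddenAnswer "Please confirm your password")
  defaultPasswordAttempts=1
  #Checks to make sure passwords match and are not empty; if not, displays an error
  #and prompts again. Both sides are quoted so a password containing spaces or
  #wildcard characters is compared as typed instead of breaking the test.
  while [[ -z "$loginPassword" || "$loginPassword" != "$confirmPassword" ]]; do
    #Give up only after the fifth pair has actually been checked
    if [[ $defaultPasswordAttempts -ge 5 ]]; then
      showNotice "You have entered mis-matching passwords five times. Please come to the IT desk for assistance."
      echo "Entered mis-matching passwords too many times."
      exit 1
    fi
    showNotice "Passwords do not match. Please try again."
    loginPassword=$(askHiddenAnswer "Please enter your login password.")
    confirmPassword=$(askHiddenAnswer "Please confirm your password")
    defaultPasswordAttempts=$((defaultPasswordAttempts+1))
  done

  #Gets the current highest user UID, leaving out the record that is about to be deleted.
  #Worked out before the delete so a bad value stops the run while the account still exists.
  maxid=$(dscl . -list /Users UniqueID | awk -v skip="$loggedInUser" '$1 != skip {print $2}' | sort -ug | tail -1)
  if ! [[ "$maxid" =~ ^[0-9]+$ ]]; then
    echo "Could not work out a new UID, nothing was changed." >&2
    exit 1
  fi
  #New UID for the user
  newid=$((maxid+2))

  #This will delete the currently logged in user
  if ! dscl . -delete "$userRecord"; then
    echo "Could not delete the account record for $loggedInUser, nothing was changed." >&2
    exit 1
  fi

  #Creating the new user
  dscl . -create "$userRecord" || recreateFailed "create the record"
  dscl . -create "$userRecord" UserShell /bin/bash || recreateFailed "set the shell"
  dscl . -create "$userRecord" RealName "$userRealName" || recreateFailed "set the real name"
  dscl . -create "$userRecord" UniqueID "$newid" || recreateFailed "set the UID"
  #NOTE(review): PrimaryGroupID 80 together with the admin GroupMembership below makes
  #every converted user an administrator, while the header comment of this script only
  #mentions access to the home folder - confirm that this is intended.
  dscl . -create "$userRecord" PrimaryGroupID 80 || recreateFailed "set the primary group"
  #Set the user's password to the one entered prior
  #NOTE(review): the password is passed as a command-line argument, so it can be seen
  #in the process list while dscl runs; a method that reads it from stdin or from a
  #prompt would avoid that exposure.
  dscl . -passwd "$userRecord" "$loginPassword" || recreateFailed "set the password"
  #The password is not needed past this point
  unset loginPassword confirmPassword
  #Makes the user an admin
  dscl . -append /Groups/admin GroupMembership "$loggedInUser" || recreateFailed "add admin membership"
  #Reset ownership on home directory and append location
  chown -R "$loggedInUser":staff "/Users/$loggedInUser" || recreateFailed "reset home folder ownership"
  dscl . -append "$userRecord" NFSHomeDirectory "/Users/$loggedInUser/" || recreateFailed "set the home directory"
  #Delete the user's keychain folder.
  #rm -Rf /Users/$loggedInUser/Library/Keychains/*
  echo "Script successful."
fi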
#Wait three seconds, then send SIGKILL to every process whose `ps -Ajc` line
#mentions loginwindow (the second column of that listing is the PID).
#NOTE(review): presumably this ends the GUI session so the next login uses the
#re-created local account - confirm.
sleep 3
ps -Ajc | awk '/loginwindow/ {print $2}' | xargs kill -9