<html><body bgcolor="#FFFFFF"><div>Hi chaps </div><div><br></div><div>Sorry if this doesn't sound right but this us what I do, if have a policy that runs at night time only every 30mins which shutsdown a mac if no one is logged in</div><div><br></div><div>For me it was simple, when a user logs in a login hook touchs</div><div>/Library/Login/loggedinuser. Then when they logout it removed the file</div><div><br></div><div>My policy then checks if that file exists , if so is exits, if not it shutsdown.</div><div><br></div><div><br></div><div>To me that seemed the simplist, as I can reuse that log file for abu script, much easier that checking directories and users folders</div><div><br></div><div>Criss <br><br>On 7 May 2009, at 21:32, <a href="mailto:DHowell@austinisd.org">DHowell@austinisd.org</a> wrote:<br><br></div><div></div><blockquote type="cite"><div>
<br><font size="2" face="sans-serif">I found this one to work the best for
me</font>
<br>
<br><font size="2" face="sans-serif">username=`/usr/bin/w | grep console
| awk '{print $1}'`</font>
<br>
<br>
<br><font size="2" face="sans-serif">than using variable like this /Users/$username/</font>
<br>
<br>
<br>
<br>
<br><font size="2">D. Trey Howell</font>
<p><font size="2"><a href="mailto:trey.howell@austinisd.org">trey.howell@austinisd.org</a></font>
</p><p><font size="2">Desktop Engineering</font>
</p><p><mime-attachment.jpg><mime-attachment.jpg><mime-attachment.jpg><mime-attachment.jpg>
</p><p><font size="2">This email message, including all attachments, is for the
sole use of the intended recipient(s) and may contain confidential student
and/or employee information. Unauthorized use of disclosure is prohibited
under the federal Family Education Rights & Privacy Act (20 U.S.C.
§1232g, 34 CFR Part 99, 19 TAC 247.2, Gov&#8217, t Code 552.023, Educ.
Code 21.355, 29 CFR 1630.14(b)(c)). If you are not the intended recipient,
you may not use, disclose, copy or disseminate this information. Please
call the sender immediately or reply by email and destroy all copies of
the original message, including attachments.</font>
</p><p><font size="2"> </font><font size="2" face="sans-serif"><br>
</font>
<br>
<br>
<br>
</p><table width="100%">
<tbody><tr valign="top">
<td width="40%"><font size="1" face="sans-serif"><b>"Thomas Larkin"
<<a href="mailto:tlarki@kckps.org">tlarki@kckps.org</a>></b></font>
<br><font size="1" face="sans-serif"> </font>
<br><font size="1" face="sans-serif">Sent by: <a href="mailto:casper-bounces@list.jamfsoftware.com"><a href="mailto:casper-bounces@list.jamfsoftware.com">casper-bounces@list.jamfsoftware.com</a></a></font>
<p><font size="1" face="sans-serif">05/07/09 02:03 PM</font>
</p></td><td width="59%">
<table width="100%">
<tbody><tr valign="top">
<td>
<div align="right"><font size="1" face="sans-serif">To</font></div>
</td><td><font size="1" face="sans-serif">"<a href="mailto:casper@list.jamfsoftware.com">casper@list.jamfsoftware.com</a>"
<<a href="mailto:casper@list.jamfsoftware.com">casper@list.jamfsoftware.com</a>>, "Matt Oclassen" <<a href="mailto:moclassen@salesforce.com">moclassen@salesforce.com</a>></font>
</td></tr><tr valign="top">
<td>
<div align="right"><font size="1" face="sans-serif">cc</font></div>
</td><td>
</td></tr><tr valign="top">
<td>
<div align="right"><font size="1" face="sans-serif">Subject</font></div>
</td><td><font size="1" face="sans-serif">Re: [Casper] Grep(?) or other method
for a logged on user.</font></td></tr></tbody></table>
<br>
<table>
<tbody><tr valign="top">
<td>
</td><td></td></tr></tbody></table>
<br></td></tr></tbody></table>
<br>
<br>
<br><font size="3" face="Lucida Grande">Are these accounts local or part
of a directory?</font><font size="3"> </font>
<br>
<br><font size="3" face="Lucida Grande">This could be easily done a few different
ways. First and foremost I suggest anyone who manages Macs to keep
their local admin accounts hidden, in like /private/var for example. That
way it keeps them out of the /Users directory. Then all of your policies
in place for your managed users can loop through the /users directory.
Since the admin accounts won't be there you won't loop them out at
all.</font><font size="3"> </font>
<p>
<br><font size="3" face="Lucida Grande">I kind of just came up with a quick
way to do this, probably not that efficient and someone who is a better
script writer may want to try it.</font><font size="3"> </font>
</p><p>
<br><font size="3" face="Lucida Grande">#!/bin/bash</font><font size="3"> </font>
</p><p>
<br><font size="3" face="Lucida Grande">#get current user logged in</font><font size="3">
</font>
</p><p>
<br><font size="3" face="Lucida Grande">current_user=finger -lp | grep Directory
| cut -c 19-40</font><font size="3"> </font>
</p><p>
<br><font size="3" face="Lucida Grande">#now loop through users</font><font size="3">
</font>
</p><p>
<br><font size="3" face="Lucida Grande">for i in `ls /Users`</font><font size="3">
</font>
</p><p>
<br><font size="3" face="Lucida Grande">do</font><font size="3"> </font>
</p><p>
<br><font size="3" face="Lucida Grande">if [[ $i == $current_user ]]</font><font size="3">
</font>
</p><p>
<br><font size="3" face="Lucida Grande">then jamf policy -trigger MyPolicy</font><font size="3">
</font>
</p><p>
<br><font size="3" face="Lucida Grande">else echo "not in /Users"</font><font size="3">
</font>
</p><p>
<br><font size="3" face="Lucida Grande">fi</font><font size="3"> </font>
</p><p>
<br><font size="3" face="Lucida Grande">exit</font><font size="3"> </font>
<br><font size="3" face="Lucida Grande">done</font><font size="3"> </font>
</p><p>
<br><font size="3" face="Lucida Grande">This was written very quick and you
may want to write it a better way. That is where I would start though.</font><font size="3"><br>
<br>
<br>
___________________________<br>
Thomas Larkin<br>
TIS Department<br>
KCKPS USD500</font><font size="3" color="blue"><u><br>
</u></font><a href="mailto:tlarki@kckps.org"><font size="3" color="blue"><u>tlarki@kckps.org</u></font></a><font size="3"><br>
blackberry: 913-449-7589<br>
office: 913-627-0351<br>
<br>
<br>
<br>
<br>
<br>
>>> Matt Oclassen <<a href="mailto:moclassen@salesforce.com">moclassen@salesforce.com</a>> 05/07/09 1:32
PM >>></font>
<br><font size="2">Hello,<br>
<br>
I was looking for a command that I could use to verify that a user is logged
onto their machine before a policy is run (as opposed to a machine being
on, but sitting at the login screen)<br>
<br>
I want to make sure that they are logged in so they are sure to get the
messaging that this policy has run.<br>
<br>
I am imagining something like the following:<br>
<br>
If any user is logged in (except for our 2 admin accounts whose name I
can specify)<br>
<br>
Execute jamf policy –trigger “custom trigger”<br>
<br>
Else quit.<br>
<br>
Does anyone have an idea on the scripting for this?<br>
<br>
Thanks very much,<br>
Matt Oclassen<br>
<br>
Desktop Systems Specialist</font>
<br><font size="5">sales </font>
<br><font size="5" color="red">force</font><font size="5" color="#000080">.</font><font size="5" color="#808080">com</font>
<br><font size="2"><br>
<br>
</font><tt><font size="2">_______________________________________________<br>
Casper mailing list<br>
<a href="mailto:Casper@list.jamfsoftware.com"><a href="mailto:Casper@list.jamfsoftware.com">Casper@list.jamfsoftware.com</a></a><br>
</font></tt><a href="http://list.jamfsoftware.com/mailman/listinfo/casper"><tt><font size="2">http://list.jamfsoftware.com/mailman/listinfo/casper<br>
</font></tt></a>
<br>
</p></div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Casper mailing list</span><br><span><a href="mailto:Casper@list.jamfsoftware.com">Casper@list.jamfsoftware.com</a></span><br><span><a href="http://list.jamfsoftware.com/mailman/listinfo/casper">http://list.jamfsoftware.com/mailman/listinfo/casper</a></span><br></div></blockquote></body></html>