macoslaps-install

1.  
2. USERNAME=it
3. macOSLAPSDownloadURL="https://github.com/joshua-d-miller/macOSLAPS/releases/download/4.0.0(845)/macOSLAPS-Binary-4.0.0.845.pkg"
4. installerchoices='<?xml version="1.0" encoding="UTF-8"?>
5. <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
6. <plist version="1.0">
7. <array>
8. <dict>
9. <key>attributeSetting</key>
10. <integer>1</integer>
11. <key>choiceAttribute</key>
12. <string>selected</string>
13. <key>choiceIdentifier</key>
14. <string>installer_choice_1</string>
15. </dict>
16. <dict>
17. <key>attributeSetting</key>
18. <integer>0</integer>
19. <key>choiceAttribute</key>
20. <string>selected</string>
21. <key>choiceIdentifier</key>
22. <string>installer_choice_2</string>
23. </dict>
24. </array>
25. </plist>'
26.  
27. function create_it_user () {
28. FULLNAME="IT"
29. #Initially just put the computers serial number as the password. This is just temporary!
30. PASSWORD=$(system_profiler SPHardwareDataType | grep 'Serial Number (system)' | awk '{print $NF}')
31. SECONDARY_GROUPS="staff"
32.  
33. MAXID=$(dscl . -list /Users UniqueID | awk '{print $2}' | sort -ug | tail -1)
34. USERID=$((MAXID+1))
35.  
36. # Create the user account
37. dscl . -create /Users/$USERNAME
38. dscl . -create /Users/$USERNAME UserShell /bin/bash
39. dscl . -create /Users/$USERNAME RealName "$FULLNAME"
40. dscl . -create /Users/$USERNAME UniqueID "$USERID"
41. dscl . -create /Users/$USERNAME PrimaryGroupID 20
42. dscl . -create /Users/$USERNAME NFSHomeDirectory /Users/$USERNAME
43. dscl . -create /Users/$USERNAME IsHidden 1
44.  
45. dscl . -passwd /Users/$USERNAME $PASSWORD
46.  
47. dscl . -append /Groups/admin GroupMembership $USERNAME
48. # Add user to any specified groups
49. for GROUP in $SECONDARY_GROUPS ; do
50. dseditgroup -o edit -t user -a $USERNAME $GROUP
51. done
52.  
53. defaults write /Library/Preferences/com.apple.loginwindow HiddenUsersList -array-add "$USERNAME"
54.  
55. curl -L -o /tmp/macOSLAPS.pkg $macOSLAPSDownloadURL
56. echo "$installerchoices" > /tmp/InstallerChoices.xml
57. installer -applyChoiceChangesXML /tmp/InstallerChoices.xml -pkg /tmp/macOSLAPS.pkg -target /
58. rm /tmp/macOSLAPS.pkg
59. rm /tmp/InstallerChoices.xml
60.  
61. file="/private/etc/paths.d/laps"
62.  
63. if [ -f "$file" ] ; then
64. rm "$file"
65. fi
66.  
67. # Call macOSLAPS to set password. This could be commented out and keep the serialnumber
68. # as the password until it forces the change with the custom attribute instead
69. /usr/local/laps/macOSLAPS
70.  
71.  
72. # Create the home directory
73. #createhomedir -c -u $USERNAME > /dev/null
74.  
75. # Make user standard user instead of admin. Do not implement for now.
76. #echo "Removing other users from admin group..."
77. #adminUsers=$(dscl . -read Groups/admin GroupMembership | cut -c 18-)
78.  
79.  
80. #for user in $adminUsers
81. #do
82. # if [ "$user" != "root" ] && [ "$user" != "it" ]
83. # then
84. # dseditgroup -o edit -d $user -t user admin
85. # if [ $? = 0 ]; then echo "Removed user $user from admin group"; fi
86. # else
87. # echo "Admin user $user left alone"
88. # fi
89. #done
90.  
91. }
92.  
93. function downloadmacOSLAPS () {
94. curl -L -o /tmp/macOSLAPS.pkg $macOSLAPSDownloadURL
95. echo "$installerchoices" > /tmp/InstallerChoices.xml
96. installer -applyChoiceChangesXML /tmp/InstallerChoices.xml -pkg /tmp/macOSLAPS.pkg -target /
97. rm /tmp/macOSLAPS.pkg
98. rm /tmp/InstallerChoices.xml
99. file="/private/etc/paths.d/laps"
100.  
101. if [ -f "$file" ] ; then
102. rm "$file"
103. fi
104. }
105.  
106. function letsGo () {
107. if id -u "it" >/dev/null 2>&1; then
108. downloadmacOSLAPS
109. else
110. create_it_user
111. fi
112. }
113.  
114. letsGo