View Self-Service-Reset-Privacy-Consent.py
#!/usr/bin/python | |
""" | |
Reset User-level Privacy Policy Controls via Jamf Self Service | |
Pass script Parameter 4 as "all" to reset privacy controls for all users on | |
the system. This parameter is optional. | |
https://www.macblog.org/post/reset-tcc-privacy/ | |
https://github.com/haircut | |
""" |
View TCC-Testing-Privacy-Policy.mobileconfig
<?xml version="1.0" encoding="UTF-8"?> | |
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
<plist version="1.0"> | |
<dict> | |
<key>PayloadContent</key> | |
<array> | |
<dict> | |
<key>Services</key> | |
<dict> | |
<key>Accessibility</key> |
View Defer-Software-Updates.mobileconfig
<?xml version="1.0" encoding="UTF-8"?> | |
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
<plist version="1.0"> | |
<dict> | |
<key>PayloadContent</key> | |
<array> | |
<dict> | |
<key>PayloadDescription</key> | |
<string></string> | |
<key>PayloadDisplayName</key> |
View tcc-reset.py
#!/usr/bin/python | |
""" | |
Completely reset TCC services database in macOS | |
Note: Both the system and individual users have TCC databases; run the script as both | |
a user and as root to completely reset TCC decisions at all levels. | |
2018-08-15: Resetting the 'Location' service fails; unknown cause | |
2018-08-16: Confirmed the 'All' service does not really reset _all_ | |
services, so individual calls to each service is necessary. |
View forget-saved-ssids.py
#!/usr/bin/python | |
# -*- coding: utf-8 -*- | |
''' | |
Forget saved SSIDs with whitelisting | |
This script removes ALL saved SSIDs on a Mac except for those configured in a | |
whitelist – see SSID_WHITELIST variable below. | |
Thanks to @sepiemoini for suggestion of "MERGE_CURRENT_SSID" behavior |
View rename-computer.py
#!/usr/bin/python | |
''' | |
Rename computer from remote CSV using Jamf binary | |
Pass in the URL to your remote CSV file using script parameter 4 | |
The remote CSV could live on a web server you control, OR be a Google Sheet | |
specified in the following format: | |
https://docs.google.com/spreadsheets/u/0/d/<document ID>/export?format=csv&id=<document ID>&gid=0 |
View bash-multiple-jamf-policies.sh
#!/bin/bash | |
# Policy IDs or custom trigger names | |
# Bash arrays are specified like the provided example; surround custom triggers with | |
# quotes, and leave policy ids as "bare" integers | |
POLICIES=( "custom" "triggers" 523 32 ) | |
for i in "${POLICIES[@]}"; do | |
# test if array element is an integer, ie. a policy id | |
if [ "$i" -eq "$i" ] 2>/dev/null |
View opendirectoryd_version.py
import subprocess | |
factoid = 'opendirectoryd_version' | |
def fact(): | |
''' | |
Returns the "project version" number used to build opendirectoryd | |
per https://support.apple.com/en-gb/HT208315 to check that | |
"Security Update 2017-001" is installed | |
''' |
View secure-root-high-sierra.sh
#!/bin/bash | |
# modified from original by Rich Trouton | |
# https://github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/block_root_account_login | |
ERROR=0 | |
# Set root password to some uuid, eg. 1730DFA3-C59B-447C-BAE8-3C3F052862A4 | |
rootpassword=$(uuidgen) |
NewerOlder