Login Hook

Configuration des Login Hook sur Jamf JSS

 

Configuring Login/Logout Hooks

 

 

MCX, Configuration Profiles and Login Scripts

# defaults write /private/var/root/Library/Preferences/com.apple.loginwindow EnableMCXLoginScripts TRUE

# defaults write /private/var/root/Library/Preferences/com.apple.loginwindow MCXScriptTrust TRUE

( ~root/… = /private/var/root/… )

 

Managing the File Extension Whitelist

$ curl -u froulet 'https://mdm-apple.epfl.ch:8443/JSSResource/allowedfileextensions'

{"allowed_file_extensions":[{"id":1,"extension":"xlt"},{"id":2,"extension":"xlw"},{"id":3,"extension":"laccdb"},{"id":4,"extension":"docb"},{"id":5,"extension":"mobileprofile"},{"id":6,"extension":"mobileprovision"},{"id":7,"extension":"csv"},{"id":8,"extension":"gslides"},{"id":9,"extension":"mpkg"},{"id":10,"extension":"bzip2"},{"id":11,"extension":"bak"},{"id":12,"extension":"der"},{"id":13,"extension":"gsheet"},{"id":14,"extension":"xml"},{"id":15,"extension":"tmp"},{"id":16,"extension":"xlam"},{"id":17,"extension":"ppam"},{"id":18,"extension":"pem"},{"id":19,"extension":"keystore"},{"id":20,"extension":"docm"},{"id":21,"extension":"ipa"},{"id":22,"extension":"zip"},{"id":23,"extension":"cdb"},{"id":24,"extension":"otf"},{"id":25,"extension":"std"},{"id":26,"extension":"stc"},{"id":27,"extension":"7z"},{"id":28,"extension":"ibooks"},{"id":29,"extension":"fodp"},{"id":30,"extension":"fods"},{"id":31,"extension":"png"},{"id":32,"extension":"fodt"},{"id":33,"extension":"sti"},{"id":34,"extension":"diff"},{"id":35,"extension":"odb"},{"id":36,"extension":"ott"},{"id":37,"extension":"odf"},{"id":38,"extension":"odg"},{"id":39,"extension":"sdf"},{"id":40,"extension":"stw"},{"id":41,"extension":"doc"},{"id":42,"extension":"odm"},{"id":43,"extension":"accdb"},{"id":44,"extension":"odp"},{"id":45,"extension":"accda"},{"id":46,"extension":"fodg"},{"id":47,"extension":"pkcs12"},{"id":48,"extension":"odt"},{"id":49,"extension":"ods"},{"id":50,"extension":"xltx"},{"id":51,"extension":"gdoc"},{"id":52,"extension":"pfx"},{"id":53,"extension":"log"},{"id":54,"extension":"accde"},{"id":55,"extension":"dot"},{"id":56,"extension":"accdr"},{"id":57,"extension":"pptm"},{"id":58,"extension":"cer"},{"id":59,"extension":"ppsx"},{"id":60,"extension":"plist"},{"id":61,"extension":"jks"},{"id":62,"extension":"maf"},{"id":63,"extension":"pot"},{"id":64,"extension":"accdt"},{"id":65,"extension":"xltm"},{"id":66,"extension":"epub"},{"id":67,"extension":"mam"},{"id":68,"extension":"jpeg"},{"id":69,"extension":"vsx"},{"id":70,"extension":"maq"},{"id":71,"extension":"key"},{"id":72,"extension":"mar"},{"id":73,"extension":"dotx"},{"id":74,"extension":"xlsx"},{"id":75,"extension":"mat"},{"id":76,"extension":"ppd"},{"id":77,"extension":"rtf"},{"id":78,"extension":"gzip"},{"id":79,"extension":"mobileconfig"},{"id":80,"extension":"dotm"},{"id":81,"extension":"ppsm"},{"id":82,"extension":"docx"},{"id":83,"extension":"asc"},{"id":84,"extension":"txt"},{"id":85,"extension":"pps"},{"id":86,"extension":"ppt"},{"id":87,"extension":"xlsm"},{"id":88,"extension":"xlsb"},{"id":89,"extension":"vtx"},{"id":90,"extension":"bmp"},{"id":91,"extension":"p7m"},{"id":92,"extension":"numbers"},{"id":93,"extension":"vdx"},{"id":94,"extension":"potm"},{"id":95,"extension":"p12"},{"id":96,"extension":"tif"},{"id":97,"extension":"pages"},{"id":98,"extension":"gtable"},{"id":99,"extension":"dat"},{"id":100,"extension":"sldm"},{"id":101,"extension":"sldx"},{"id":102,"extension":"ics"},{"id":103,"extension":"html"},{"id":104,"extension":"sxd"},{"id":105,"extension":"sxc"},{"id":106,"extension":"keynote"},{"id":107,"extension":"ade"},{"id":108,"extension":"tar"},{"id":109,"extension":"sxi"},{"id":110,"extension":"prf"},{"id":111,"extension":"sxm"},{"id":112,"extension":"adn"},{"id":113,"extension":"mdb"},{"id":114,"extension":"mda"},{"id":115,"extension":"adp"},{"id":116,"extension":"mdf"},{"id":117,"extension":"mde"},{"id":118,"extension":"pptx"},{"id":119,"extension":"sxw"},{"id":120,"extension":"mdn"},{"id":121,"extension":"mdt"},{"id":122,"extension":"psd"},{"id":123,"extension":"mdw"},{"id":124,"extension":"tiff"},{"id":125,"extension":"gif"},{"id":126,"extension":"pkg"},{"id":127,"extension":"certSigningRequest"},{"id":128,"extension":"xsn"},{"id":129,"extension":"tsv"},{"id":130,"extension":"json"},{"id":131,"extension":"bz2"},{"id":132,"extension":"jpg"},{"id":133,"extension":"crt"},{"id":134,"extension":"manifest"},{"id":135,"extension":"ttf"},{"id":136,"extension":"ldb"},{"id":137,"extension":"gdraw"},{"id":138,"extension":"pdf"},{"id":139,"extension":"potx"},{"id":140,"extension":"xlm"},{"id":141,"extension":"vpptoken"},{"id":142,"extension":"xll"},{"id":143,"extension":"xls"},{"id":144,"extension":"dmg"},{"id":145,"extension":"scpt"},{"id":146,"extension":"sh"}]}

 

 

Login Script original Apple sur le client
$ plutil -convert xml1 -o - /Library/Managed\ Preferences/com.apple.mcxloginscripts.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>PayloadUUID</key>
    <string>52507ADA-037C-48C2-AFB7-E2F7CABE982E</string>
    <key>_manualProfile</key>
    <true/>
    <key>loginscripts</key>
    <array>
        <dict>
            <key>filedata</key>
            <data>
            IyEvYmluL3NoCiMgVGVzdCBFbXB0eSBTaGVsbCBTY3JpcHQKZGF0
            ZSA+PiAvdmFyL3RtcC9qYW1mLTAxLmxvZwojIGVuZCBvZiBzY3Jp
            cHQK
            </data>
            <key>filename</key>
            <string>Test.sh</string>
        </dict>
    </array>
    <key>logoutscripts</key>
    <array>
        <dict>
            <key>filedata</key>
            <data>
            IyEvYmluL3NoCiMgVGVzdCBFbXB0eSBTaGVsbCBTY3JpcHQKZGF0
            ZSA+PiAvdmFyL3RtcC9qYW1mLTAyLmxvZwojIGVuZCBvZiBzY3Jp
            cHQK
            </data>
            <key>filename</key>
            <string>TestOUT.sh</string>
        </dict>
    </array>
    <key>skipLoginHook</key>
    <false/>
    <key>skipLogoutHook</key>
    <false/>
</dict>
</plist>
Login Script de Jamf
$ cd /Library/Application\ Support/JAMF/ManagementFrameworkScripts/
Login Window on client
$ defaults read /Library/Preferences/com.apple.loginwindow.plist
{
    GuestEnabled = 0;
    Hide500Users = 1;
    MCXLaunchAfterUserLogin = 1;
    MCXLaunchOnUserLogout =     {
        froulet = 1;
    };
    OptimizerLastRunForBuild = 32490976;
    OptimizerLastRunForSystem = 168494592;
    SHOWFULLNAME = 1;
    lastLoginPanic = "547987845.895589";
    lastUser = loggedIn;
    lastUserName = froulet;
}