smashism
/ EA-MDMEnabledUser.sh
Last active
October 21, 2025 19:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Extension attribute to see if a local user account is mdm enabled. | |
| # Based on https://derflounder.wordpress.com/2025/04/04/identifying-mdm-managed-user-accounts-on-macos-sequoia/, thanks Rich. | |
| # ekw 2025-10-16 | |
| # Get the GUID of the managed local user account | |
| MDMManagedUserGUID=$(/usr/sbin/system_profiler SPConfigurationProfileDataType | grep "Managed User" | sed -E 's/.* ([0-9A-F-]{36}) .*/\1/') | |
| # Find the username of the mdm enabled user account based on GUID |
smashism
/ sample-com.jamf.connect
Last active
October 16, 2025 19:03
Demo base config for Self Service+ menubar app when using Platform SSO created user accounts, including elevation/demotion support
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>AutoOpenAppAtLogin</key> | |
| <false/> | |
| <key>Appearance</key> | |
| <dict> | |
| <key>ShowWelcomeWindow</key> | |
| <false/> |
smashism
/ sample-com.jamf.setupmanager.plist
Created
October 16, 2025 18:55
Config used for JNUC 2025 demo
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- Notes about this config (remove this section before using) --> | |
| <!-- Example plists are available at https://github.com/jamf/Setup-Manager/blob/main/ConfigurationProfile.md --> | |
| <!-- This is simply what I configured for the JNUC demo video --> | |
| <!-- Proceed with caution, you should start with an example plist and modify to your organizational requirements before using --> | |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>enrollmentActions</key> | |
| <array> |
smashism
/ com.apple.SetupAssistant.managed
Created
January 27, 2025 19:08
SkipSetupItems key for macOS Apple Intelligence (macOS 15.3+)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>SkipSetupItems</key> | |
| <array> | |
| <string>Intelligence</string> | |
| </array> | |
| </dict> | |
| </plist> |
smashism
/ test-disable-external-intelligence-integrations-ios.mobileconfig
Created
December 12, 2024 20:34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>PayloadContent</key> | |
| <array> | |
| <dict> | |
| <key>PayloadDisplayName</key> | |
| <string>Restrictions Payload</string> | |
| <key>PayloadIdentifier</key> |
smashism
/ com.apple.applicationaccess - external intelligence integration restriction
Created
December 12, 2024 18:00
Payload for com.apple.applicationaccess to restrict external intelligence integrations with Apple Intelligence as of macOS 15.2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>allowExternalIntelligenceIntegrations</key> | |
| <false/> | |
| <key>allowExternalIntelligenceIntegrationsSignIn</key> | |
| <false/> | |
| </dict> | |
| </plist> |
smashism
/ ea-external-intelligence-integration-status.sh
Created
October 25, 2024 17:58
Designed for Jamf Pro computer extension attribute configuration. Checks for presences of com.apple.siri.generativeassistentsettings in the local preferences of the logged in user and reports the status. For macOS 15.2 and later.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # determine if current user has opted-in for Generative Assistant settings for Apple Intelligence & Siri on macOS 15.2 or later | |
| # ekw 2024-10-24 | |
| # built at time of macOS 15.2 beta 1 | |
| currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' ) | |
| # global check if there is a user logged in | |
| if [ -z "$currentUser" -o "$currentUser" = "loginwindow" ]; then | |
| echo "no user logged in, cannot proceed" | |
| exit 1 | |
| fi |
smashism
/ force-quit-app.sh
Created
August 19, 2024 14:58
Force quit apps with a Self Service policy. $4 is a custom variable for "App Name" that can be supplied per policy depending on what needs to close.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| appName="$4" | |
| # Kill the app, if running | |
| echo "Killing $appName app process" | |
| killall "$appName" | |
| exit 0 |
smashism
/ apple-intelligence-optin.sh
Created
August 8, 2024 18:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # determine if current user has opted-in for Apple Intelligence on macOS 15.1 or later | |
| # ekw 2024-08-07 | |
| # built at time of macOS 15.1 beta 1 | |
| # disclaimer: forward-looking statement… this may not work forever, and likely won't be needed long-term as | |
| # MDM vendors prepare for macOS 15 support. | |
| # this EA for jamf pro is provided as-is with no warranty (express or implied). please test! | |
| currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' ) |
smashism
/ unmanage-devices-modern-auth.sh
Created
April 4, 2024 16:04
Programmatically unmanage mobile devices via Jamf Pro API using bearer-auth token authentication.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ########## | |
| # title: unmanage-devices-modern-auth.sh | |
| # author: dr. k | @smashism on github | |
| # date: 2024-03-28 | |
| # note: include jssIDs where specified, other server/cred details will | |
| # prompt when run via terminal.app | |
| # disclaimer: provided as-is with no warranty (express or implied). please test! | |
| # |
NewerOlder