I did a search for "Macintosh" on the Juice site the other day and came up with 4 results... Hopefully this article will be of interest to at least a few people.
The latest release of the Deployment Console supports Macintosh clients but in its current state it is no match for Apple Remote Desktop. I just wanted to share a couple scripts that I use from ARD to make the most out of the Altiris Client for Mac.
Click the "Unix" button on the toolbar of ARD and place these scripts in it.
Refresh Altiris Client Policies
/Applications/Utilities/Altiris/NSAgent/.bin/aex-refreshpolicies
Send Basic Inventory
/Applications/Utilities/Altiris/NSAgent/.bin/aex-sendbasicinv
Run Inventory
Replace -x on the last line with -r for Full, -h for Hardware, and -s for Software
#! /bin/sh -c
cd "/Applications/Utilities/Altiris/NSAgent/.var/packages/{DEC68AD9-46F6-4139-9793-AE0E1B050BFC}"
./aex-runinvnow -x
This script doesn't use the Altiris Client but I thought it might be of use to some of you. It checks the dock for every user on the machine for an Application. Right now it will find any application that has "Adobe" in it's name. I used this during an upgrade from CS2 to CS3 to gage who was actually using their CS2 apps and which ones.
Check for an App in the Dock:
for lName in `ls -A /Users`; do
for uName in `dscl . -list /Users`; do
if [ $uName = $lName ]; then (echo $uName; defaults read /Users/$uName/Library/Preferences/com.apple.dock | grep Adobe | grep .app); fi
done
done
Now it's time for the Altiris Client to return the favor to Apple Remote Desktop. What will be accomplished here is that the Altiris client will create an admin user on the local machine and then will set the Apple Remote Desktop client to be active and turned on for that admin user (the admin user will be created in such a way that users will never see the account or be able to login as that user).
In the Altiris Console, create a Macintosh Package that contains no source files and then add a program with the parameters below and then create a task that runs at login. What this script does is ping the ip of your NS, if the ping is successful, then it downloads a file, executes it, then deletes it.
Working Directory
/var/tmp
Command Line
if [ `ping -t 4 -n -c 4 -i 1 -q -o IP-ADDRESS-OF-NS | grep -c 1\ packets\ received` -eq 1 ]; then (curl -O http://NS-SERVER-NAME/Altiris/NS/NSCap/Bin/Mac/SWD/LoginScript/Login.sh; chmod +x Login.sh; ./Login.sh; rm -f Login.sh ); else (echo The script will not run); fi;
The path /NSCap/Bin/Mac/SWD/LoginScript/ doesn't exist, you'll have to create it and then place the script below in that directory.
Note: This script isn't exactly secure, it creates an admin user that has a password the same as it's username.
#!/bin/sh
#**************************************************************************************************
# Create ARD Admin User if one does not exist. Then make sure ARD is on and permissions are enabled for that user
#
ARD=NameOfYourAdminUser
if [ "`dscl . -list /Users | grep -c $ARD`" -eq "0" ]
then (
dscl . -create /Users/$ARD
dscl . -create /Users/$ARD UserShell "/usr/bin/false"
dscl . -create /Users/$ARD UniqueID 400
dscl . -create /Users/$ARD PrimaryGroupID 80
if [ -e /private/var/$ARD ]; then (echo dir exists); else (mkdir /private/var/$ARD; chown $ARD /private/var/$ARD); fi
dscl . -create /Users/$ARD NFSHomeDirectory /private/var/$ARD
dscl . -passwd /Users/$ARD $ARD
)
fi
#
# Turn on ARD and set permissions for the $ARD user
#
/System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users $ARD -privs -DeleteFiles -ControlObserve -TextMessages -OpenQuitApps -GenerateReports -RestartShutDown -SendFiles -ChangeSettings -restart -agent