Jamf Nation Community

No, our computers are all single users [besides a localadmin] user that IT uses.

No, we don't plan on new users logging into these computers, only in the instance of a person leaving the company and the computer being repurposed.

I'm not sure how else to target this folder that is duplicated over and over in every folder inside of the /User Template folder

I'm with @bpavlov, this is a bad idea. However, the easier thing to do might be to install a fresh OS on a machine, package up the default User Template folder from that machine, and then push that out to all of them. I'd do it as an "At Login" or "At Logout" triggered policy and ask all of your users to restart.

While I agree that it might not be the best approach, because that is a very simple fix and should kinda be the close the right approach...

I think in this case I might call Apple enterprise support... I think that getting the "apple approved" way to resolve this might be a good use of a one time fee for their help...

Just an suggestion

C

Good advice, thank you.

FYI, Fill Existing Users (FEU) and Fill User Template (FUT) work with our uninstall method as well.

If you were able to figure out what package put those files down or better yet, just the which files they were, you could build a DMG with composer, index it, check the box for "Allow package to be uninstalled", create a policy to Uninstall that DMG with the same FUT box checked and it will remove just that file from all the user template folders. You dont need the original package, just a package of the bad file.

E.G. someone packaged up the latest IPSW and deployed it with FUT. Go to computer, find said file; /Users/username/Library/iTunes/iPhone Software Updates/iPhone8,1_9.3.4_13G35_Restore.ipsw and do a drag and drop package build of just that. Index in casper admin and check the box to allow uninstall.
Deploy via policy as Uninstall with the FUT box checked and it will remove that file from each of the different language based directories in /System/Library/User Template/.

This will also un-install anything else in the package so if you wanted the file to remain in the actual users directory while being removed from the User Template directory that would be trickier. This is also why id recommend just packaging up the 1 file you want deleted vs using the previous package.

On the topic of identifying the bad package / policy : I just had to do exactly that for a similar reason; some "extra data" had been captured in a Composer session and gone unnoticed until we saw the wayward files on target machines. I isolated the package by creating a test Configuration, imaging a base build Mac with none of our add-ons, and then installed them one by one until I found the one that added the unwanted files.

The source was no longer available to me but I used Pacifist to open the PKG, exported it as source, and dragged that into Composer. I them stripped out the extra stuff and repackaged it. Worked like a charm.

Yeah unfortunately this package is long gone, the files are SIP protected, 50GB worth put into all those language folders inside the User Template folder...a mess.

I can't reinstall the OS on 60 diff machines across the globe...so I'm doing to be removing the folder, and then copying an empty stock folder, and hope for the best.

I've run it as a pilot on 5 machines, no issues. Like I said, generally, our computer are one user machine, and reformatted when turned in...so hopefully this won't cause further issue. I also have the urgent need to wipe the folder, as 15 of my users are operating at 95% full hard drives.

What files are SIP protected in that folder? Because even though the User Template folder is in /System/Library/ which is SIP protected, that specific directory and its contents are not.

You dont need the original package, you just know what file it is and where it was put. So you can use the FUT with removal option to remove just that file, or use the same logic and just write a script that loops through each one of the directories and deletes that file with an rm, which technically would be less steps than wiping entire directory and places it back. We could build your removal package very quickly to accomplish this task. Id be more than happy to talk more about this if you wanted, even would be able to setup a web-ex to walk you through it, if you preferred. I can be reached by my.name@jamfsoftware.com

If the wipe method works for you, awesome, i'm just more worried about the concept of wiping the entire thing and putting it back since its an important part of the OS.