
Delete folder contents on logout/login - variable user


Long story short, I'm trying to create a Self Service policy that will "opt" the computer in to a policy that will wipe the specified user data upon logout/logon. Here is how I've been going about it.

  1. Create an Automator app called "". Self Service installs this to /Applications/Utilities. The app does nothing except act as a scoping mechanism.
  2. Create a second Automator app that asks the technician for a home folder name, then writes that name to a hidden text file located at /Users/Shared/.Config/HomeFolderName.txt. This app is also installed as part of the Self Service policy, and auto-launches after install.
  3. Create a script that grabs the home folder name from the hidden text file, then deletes the contents of the folders within that home folder:

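# Read the home folder name written by the second Automator app
var=$(cat /Users/Shared/.Config/HomeFolderName.txt)

# Delete the contents of the standard folders (quoted so a name with spaces stays one path)
rm -Rf "/Users/$var/Applications/"* "/Users/$var/Desktop/"* "/Users/$var/Documents/"* "/Users/$var/Downloads/"* "/Users/$var/Movies/"* "/Users/$var/Music/"* "/Users/$var/Pictures/"* "/Users/$var/Public/"*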

  4. Include the script in a policy that triggers every login or logout.

If I'm already logged into the machine and run "sudo jamf policy -trigger login", it totally works (even if I'm logged in with a different user account). But if I actually logout/login, it doesn't work. All logs just say that it completed successfully.

Any ideas on how to make this work?


SOLVED Posted: by wesleya

We saw where the login/logout hooks were getting stomped on by the networkstatechange trigger. If this isn't a trigger you're using, it might be worth disabling this. You can find this under Computer Management - Management Framework > Check-In.

SOLVED Posted: by ryan.ball

Throw this at the bottom of the script, login/logout and see if the file even gets created to see if the script is running or not.

touch /Users/Shared/.Config/Finished.txt

# Report whether the marker file was created
if [ -f /Users/Shared/.Config/Finished.txt ]; then
    echo "File exists"
    exit 0
else
    echo "File does not exist"
    exit 1
fi

SOLVED Posted: by ktaylor25

@ryan.ball, strange thing.. the Finished.txt file was not created, but the policy log says "File exists".

At any rate, I added Startup as a trigger and that seems to do the trick. No idea why it makes a difference but it's working now.. with Finished.txt and all.
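
The script in the original post puts whatever is in HomeFolderName.txt straight into an rm -Rf path, and a Jamf policy runs it as root, so an empty or unexpected value in that file decides what gets deleted. The following is an added example, not code from this thread, that validates the name before deleting anything; the function names, the allowed character set and the USERS_ROOT/NAME_FILE overrides are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not the poster's script. USERS_ROOT and NAME_FILE can be
# overridden (assumption) so the logic can be exercised on a scratch tree.
USERS_ROOT="${USERS_ROOT:-/Users}"
NAME_FILE="${NAME_FILE:-/Users/Shared/.Config/HomeFolderName.txt}"
FOLDERS="Applications Desktop Documents Downloads Movies Music Pictures Public"

# Return the first line of the name file; refuse a missing or symlinked file.
read_name() {
    [ -f "$NAME_FILE" ] && [ ! -L "$NAME_FILE" ] || return 1
    head -n 1 "$NAME_FILE" | tr -d '\r'
}

# Print the home folder path if the name is safe, otherwise return 1.
validate_home() {
    case "$1" in
        # empty, Shared, leading dot (covers . and ..), or any character
        # outside a conservative set (so no "/" and no whitespace)
        ""|Shared|.*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    home="$USERS_ROOT/$1"
    # must be a real directory, not a symlink to somewhere else
    [ -d "$home" ] && [ ! -L "$home" ] || return 1
    printf '%s\n' "$home"
}

# Empty the standard folders inside a validated home folder.
wipe_home() {
    home=$(validate_home "$1") || { echo "refusing name: '$1'" >&2; return 1; }
    for f in $FOLDERS; do
        dir="$home/$f"
        # skip folders that are missing or have been replaced by a symlink
        [ -d "$dir" ] && [ ! -L "$dir" ] || continue
        # remove the contents (dotfiles included) but keep the folder itself
        find "$dir" -mindepth 1 -maxdepth 1 -exec rm -rf -- {} +
    done
}

# Policy entry point: does nothing when the machine has not been opted in.
if name=$(read_name); then
    wipe_home "$name"
fi
```

Unlike the `rm -Rf .../*` form, this also removes hidden files inside each folder, because `find` does not skip names that begin with a dot.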