Help

System accounts showing in inventory

Go to solution
adroitboy
New Contributor III

Posted on ‎05-03-2012 11:32 AM

Hello all. I was looking through some inventory info and noticed that we have a LOT of accounts on machines in the computer details > Local User Accounts. I'm fairly sure I used to only see real user accounts and not all of the system accounts. We're running JSS 8.51 on MacOS 10.6.8. Is anyone else seeing this?

Here's a sample:

_atsserver Username: _atsserver Real name: ATS Server UID: 97 Home Directory: /var/empty Home Directory Size: 0B Admin: false FileVault 1 Enabled: false _calendar Username: _calendar Real name: Calendar UID: 93 Home Directory: /var/empty Home Directory Size: 0B Admin: false FileVault 1 Enabled: false _clamav Username: _clamav Real name: ClamAV Daemon UID: 82 Home Directory: /var/virusmails Home Directory Size: 0B Admin: false FileVault 1 Enabled: false
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
rlandgraf
Contributor

Posted on ‎05-03-2012 12:56 PM

We do not see them. Do you have the check box for Include Hidden Accounts checked in your Settings/Inventory Options/Inventory Collection Preferences/Accounts? I believe if you uncheck that you won't see them anymore.

View solution in original post

0 Kudos
7 REPLIES 7

Go to solution
rlandgraf
Contributor

Posted on ‎05-03-2012 12:56 PM

We do not see them. Do you have the check box for Include Hidden Accounts checked in your Settings/Inventory Options/Inventory Collection Preferences/Accounts? I believe if you uncheck that you won't see them anymore.

0 Kudos

Go to solution
adroitboy
New Contributor III

Posted on ‎05-03-2012 02:45 PM

That was it. Thanks!

0 Kudos

Go to solution
donmontalvo
Esteemed Contributor III

Posted on ‎05-03-2012 04:59 PM

We would disable that except that we want to see our hidden admin account in the list.

It should be possible to create an Extension Attribute that shows all accounts <500 that don't start with "_" (Underscore), I think. ;)

PS. There should also be an option in JSS to not show accounts starting with "_" (Underscore)...I'm off to the Feature Request section...

Don

--
https://donmontalvo.com
0 Kudos

Go to solution
mm2270
Legendary Contributor III

Posted on ‎05-03-2012 05:46 PM

@Don, we do exactly that with an EA. Though you can just list all accounts, then use grep to find the service accounts that should be there, provided you have a fairly consistent name for them, and are not using something very generic that the grep may also pick up, like "admin"

Something like:

dscl . -list /Users | grep <hiddenAdminName>

Then a simple if/then to test for the existence of the account and populate the result with a "Yes" or "No' depending on the result of the test.

0 Kudos

Go to solution
donmontalvo
Esteemed Contributor III

Posted on ‎05-03-2012 09:30 PM

@mm2270 Thanks Mike, I'll see if I can get an EA put together that finds the hand full of hidden admin accounts we know exist in the environment.

--
https://donmontalvo.com
0 Kudos

Go to solution
mm2270
Legendary Contributor III

Posted on ‎05-04-2012 04:37 AM

Don, look at your FR here:
https://jamfnation.jamfsoftware.com/featureRequest.html?id=306

I posted an EA for you there that will pull all those accounts into your inventory.

0 Kudos

Go to solution
donmontalvo
Esteemed Contributor III

Posted on ‎05-04-2012 06:18 AM

@mm2270 Mike, you rock! We have several analysts working on fairly large refreshes and they need this. Much appreciated!!!

--
https://donmontalvo.com
0 Kudos