Skip to main content
Jamf Nation, hosted by Jamf, is a dynamic and knowledgeable community of Apple-focused IT admins and Jamf Pro users. Join us in person, in October, for the annual Jamf Nation User Conference (JNUC) to discover new and better ways to manage Apple devices. -- Change the AD Administrative Groups


sudo <mountPoint> <computerName> <currentUsername> <groups>

If the $groups parameter is specified (parameter 4), this is the list of Active Directory groups
that will be assigned administrative privileges on the target machine.

Example values: groups=""group1,group2,..."

If no parameter is specified for parameter 4, the hardcoded value in the script will be used.


This script will modify the groups from an Active Directory domain controller that will have administrative access on the machine. This script should be run after a machine has been bound to Active Directory. The <timeout> value can be used with a hardcoded value in the script, or read in as a parameter. Since the Casper Suite defines the first three parameters as (1) Mount Point, (2) Computer Name and (3) username, we are using the fourth parameter ($4) as the passable parameter.



Generating Preview...