You can configure Jamf Connect to run a script after authentication at the login window. For example, if configuring Jamf Connect with the notify screen during an Automated Device Enrollment workflow, you can add the notify screen script file path to your login window configuration profile.
Requirements
You need a script to run during the Jamf Connect login process.
- Confirm that the
RunScript loginwindow mechanism is enabled by executing the following command: authchanger -print
If the
RunScript mechanism is not included in the list of mechanisms, enable it by executing the following command:
sudo /usr/local/bin/authchanger -JamfConnect
Note:ScriptPath can run a script as the root user at every login, if defined. A script at the defined path can also run arbitrary code on every login. To avoid any malicious actions, administrators should consider defining ScriptPath as /dev/null/impossiblepath.sh if not in use. Alternatively, place an empty file at the path defined by ScriptPath (e.g touch /PathToFile/filename.sh and chmod 000 /PathToFile/filename.sh.
- Add your login script to the Jamf Connect package that includes other custom files for your deployment.
- Use your preferred configuration method to add the Script Path (
ScriptPath) to your Jamf Connect login window configuration profile.