Tracking Demobilized Accounts

Jamf Connect Documentation
Solution
Application
Jamf Connect
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

You can use Jamf Pro to track and confirm successful account demobilization on computers. This helps you determine which computers can be safely unbound from Active Directory.

  1. Create a Jamf Pro extension attribute that uses the following script as the input type:
    #!/bin/bash

NETACCLIST=$(dscl . list /Users OriginalNodeName | awk '{print $1}' 2>/dev/null)
if [ "$NETACCLIST" == "" ]; then
echo "<result>No Mobile Accounts</result>"
else
echo "<result>$NETACCLIST</result>"
fi
exit 0
  2. Create a smart group that uses the extension attribute as membership criteria, similar to the following:
    Configure criteria in Jamf Pro using the is operator and No Mobile Accounts value.
As you demobilize local accounts on computers, computers are added to the smart group.