Is there a way to figure out from code if a user account is actually a mobile account or active directory account or local user account (non-mobile) on Mojave?Through following code i can distinguish between local user and AD user via attribute
// 'dsAttrTypeStandard:AppleMetaNodeLocation': '/Local/Default' for Local user
// 'dsAttrTypeStandard:AppleMetaNodeLocation': '/Active Directory/ABCD/abcd.in' for Domain userfunc checkForLocalUser(name: String) -> Bool { var records = [ODRecord]() let odsession = ODSession.default() do { let node = try ODNode.init(session: odsession, type: ODNodeType(kODNodeTypeAuthentication)) let query = try ODQuery.init(node: node, forRecordTypes: kODRecordTypeUsers, attribute: kODAttributeTypeRecordName, matchType: ODMatchType(kODMatchEqualTo), queryValues: name, returnAttributes: kODAttributeTypeAllAttributes, maximumResults: 0) records = try query.resultsAllowingPartial(false) as! [ODRecord] } catch { let errorText = error.localizedDescription return false } let isLocal = records.isEmpty ? false : true return isLocal}Not sure this is the correct way to achieve this. Also, I am not able to figure out whether the user is a mobile account user or not?Please help.
Post
Replies
Boosts
Views
Activity
How to determine whether an Active Directory user is admin or not via code in swift ?Currently i am doing it this way which doesnot look correct. Please suggest a better approach.
let session = ODSession()
let node = try ODNode(session: session, type: ODNodeType(kODNodeTypeAuthentication)) let query = try ODQuery( node: node, forRecordTypes: kODRecordTypeUsers, attribute: nil, matchType: ODMatchType(kODMatchAny), queryValues: nil, returnAttributes: [ kODAttributeTypeRecordName, kODAttributeTypeEMailAddress ], maximumResults: 0 ) let records = try query.resultsAllowingPartial(false) as! [ODRecord] for record in records { let currRecordName = record.recordName if(currRecordName == username) { // 'dsAttrTypeStandard:AppleMetaNodeLocation': '/Local/Default' for Local user // 'dsAttrTypeStandard:AppleMetaNodeLocation': '/Active Directory/ABCD/abcd.in' for Domain user let localOrDomainUser = try? record.values(forAttribute: "dsAttrTypeStandard:AppleMetaNodeLocation"); let localOrDomainUserString = localOrDomainUser?[0] as! String if(localOrDomainUserString == "/Local/Default") { continue // Skip local user.. this is the case when we have both local and domain user with same name, but user has created a local user in the name "domainname\username" } let groupsAny = try? record.values(forAttribute: "memberOf"); let groups = groupsAny as? [String]; for currGroup in groups ?? [] { /* --- CN=Group Policy Creator Owners,CN=Users,DC=abcd,DC=ad,DC=def,DC=com --- CN=Domain Admins,CN=Users,DC=abcd,DC=ad,DC=def,DC=com --- CN=Enterprise Admins,CN=Users,DC=abcd,DC=ad,DC=def,DC=com --- CN=Schema Admins,CN=Users,DC=abcd,DC=ad,DC=def,DC=com --- CN=Administrators,CN=Builtin,DC=abcd,DC=ad,DC=def,DC=com */ var dnNames = currGroup.components(separatedBy: ",") // CN=Domain Admins if(dnNames.count > 0) { var groupNames = dnNames[0].components(separatedBy: "=") // Domain Admins let group = groupNames[1] if(group == "Domain Admins" || group == "Enterprise Admins" || group == "Schema Admins" || group == "DnsAdmins" || group == "Administrators") { return true } } } break } }
<body><p>I have a user in Active Directory named "alice" who is a Domain Admin. This AD is bound to mac machine.<br />I have logged in successfully with this user into my MAC machine and a mobile account has been created.<br />Now, from the Active Directory, if i make the user "alice" as non-admin, then how will this change get reflected in the mobile account?<br />Is there a way to sync between mobile account and Active Directory ?<br />What I see is that password change is getting synced with AD but not this change.<br />Please help<br /><br /><br /><br /></p> <p></p></body>
I need to Draw a Label like Sleep, restart, shutdown option in loginwindow of macos, so that it will appear correctly on all 3 OS versions High Sierra, Mojave and Catalina.I need to do this in objective c dynamically at runtime for NSTextFieldPlease suggest some solution.I need to show a label on loginwindow of mac, I am able to manipulate that window using SFAuthorizationPluginView.
I have overriden a macOS login screen with my own using SFAuthorizationPluginView.I want a way/event to detect whether we have come from login mode or sleep mode or lock mode during during login event at runtime using objective c. Is there a way?
Hi ,I am currenlty using sfauthorizationpluginview. The result is always nil for the URLData on calling the webservice on ScreenSaver or Lock Screen while the same code is working fine on accessing the login window .The issue is only lying with catalina. tested mojvae it was working fine.Code i am using :let session = URLSession.shared let ds = DispatchSemaphore( value: 0 ) let task = session.dataTask(with: theRequest, completionHandler: { data, response, error -> Void in AppLogger.writeLog(toFile: "Url Data from Task: \(String(describing: data))", with:Debug) if(data != nil) { let httpResponse = response as! HTTPURLResponse statusCode = httpResponse.statusCode if let urlData = data { responseData = String(data: urlData, encoding: .utf8) ?? "" } if(responseData.isEmpty) { AppLogger.writeLog(toFile: "Response data is empty.", with:Error) } } else { statusCode = 408 } // do my thing..., then unblock main thread ds.signal() }) task.resume() // block thread until semaphore is signaled ds.wait()same is happening on using the NSURLConnection.sendSynchronousRequest()
I have overriden the macOS login screen using https://github.com/skycocker/NameAndPasswordand have replaced it with my custom screen. Now, I want to show a Popover or a message box / alert box showing messages on that screen.How can i do it?