iCloud Preferences – Tracking User’s settings of iCloud

In the technology, security is a number one need for most organizations.  So my security department tasked me with the want to be able to see what settings user’s are using for their iCloud.

So I decided I would create a nifty little tool that would be used as an extension attribute.  It’s pretty straight forward on how it make it work.  Go into your JSS and create a new extension attribution.  You can name it whatever you like.

Next select the option on the extension attribute to be a script.  Then here comes the meat of the solution.

Paste the following lines into the script box:

#!/bin/bash
#############################################################
# Purpose: To report on the status of iCloud Preferences
# Author: GaToRAiD (Andrew Barrett)
# Date: 11/3/14
# Version: 2.0
#############################################################

for ((i=0; i<12; i++));
do
Service=`/usr/libexec/PlistBuddy -c “Print Accounts:0:Services:$i” “/Users/abarrett/Library/Preferences/MobileMeAccounts.plist”`
serviceName=`echo “$Service” | egrep “Name” | awk -F’ ‘ {‘print $3′}`
serviceStatus=`echo “$Service” | egrep “Enabled” | awk -F’ ‘ {‘print $3′}`
if [[ -z “$serviceStatus” ]]; then
serviceStatus=`echo “$Service” | egrep “beta” | awk -F’ ‘ {‘print $3’}`
fi
serviceInfo=”${serviceInfo}\n Service Name: $serviceName\n Service Status: $serviceStatus”

done

echo -e “<result>$serviceInfo</result>”

#############################################################

 

 

Now this is not going to be a realtime option for my security department, as I have one but currently as I write this article, Rest API is not working the way it should.  Once this has been fixed I will post a new article with a tool that is near realtime to alert you on iCloud preferences.

Dealing with FileVault Encryption during Netboot.

Ok, so one thing I’ve run into while imaging machines via netboot is the pain previously filevault encrypted drives can be.  So while doing some research, I found a nice little command provided by Rich Trouton.  But unfortunately, this was not enough for my need.

While running his command, I would receive and error stating it could not mount the device(Will provide the error when I return to work with an update).

So little backstory as to why I created an app via applescript to do this.  I wanted to make things as easy as possible for my techs, so basically it will do it all for them without them having to possibly do something they would not be comfortable doing.

So here comes to code!

CODE:

do shell script “diskutil list | grep /dev”

set Drives to paragraphs of result

set FullList to do shell script “diskutil list | awk ‘{print $1 $3 $4}’ | sed ‘s/#:NAMESIZE//g’ | sed ‘s/[0-9]://g’ | sed ‘/^$/d’ | sed ‘/disk[0-9]/ i\\

——-

‘”

set selectedDrive to (choose from list Drives with prompt “” & FullList & “

Which drive would you like to format? By default, you should format disk0″ without multiple selections allowed) as text

if selectedDrive is equal to “false” then

display dialog “Exiting Program”

error number -128

end if

set SkynetRemoval to display dialog “Are you sure you want to format: ” & selectedDrive buttons {“Yes”, “No”} default button 2

set SkynetRemoval to returned of question

Removal(selectedDrive, SkynetRemoval)

display dialog “Drive: ” & selectedDrive & ” has been formated”

on Removal(selectedDrive, SkynetRemoval)

try

if SkynetRemoval is equal to “Yes” then

set Finished to do shell script “sudo diskutil partitionDisk ” & selectedDrive & ” 1 gpt jhfs+ \”Macintosh HD\” 100%”

end if

if SkynetRemoval is equal to “No” then

display dialog “Almost destroyed the world…..”

end if

on error

do shell script “diskutil unmountDisk force ” & selectedDrive

do shell script “diskutil mountDisk ” & selectedDrive

Removal(selectedDrive, SkynetRemoval)

end try

end Removal

_____________

END OF CODE

Now, there is some subtle jokes in this script, so if you like what it is doing, you can use it.