Manage Folder Access
- 29 Sep 2023
- 3 読む分
- 印刷する
- PDF
Manage Folder Access
- 更新日 29 Sep 2023
- 3 読む分
- 印刷する
- PDF
The content is currently unavailable in Ja - 日本語. You are viewing the default English version.
記事の要約
この要約は役に立ちましたか?
ご意見ありがとうございます
The following Script helps IT Admins control the user's access to the Desktop, Document, and Download folder on the managed Mac device(s).
- Create a file on your desktop, for example, manage_folder_access.sh and open it in a text editor like notepad++
- Copy the contents below to the file or click hereto download the file.Shell
#!/bin/bash #Enter account name for which the action should be performed. #You can check the username by running "dscl . -list /Users" command in the terminal USER_NAME="username" #Set the value to true if you want to block desktop folder access, else set as false SHOULD_BLOCK_DESKTOP="true" #Set the value to true if you want to block document folder access, else set as false SHOULD_BLOCK_DOCUMENT="true" #Set the value to true if you want to block download folder access, else set as false SHOULD_BLOCK_DOWNLOAD="true" ###### DO NOT EDIT CODE BELOW THIS ########## ## Check if user exists if id "$USER_NAME" &>/dev/null; then echo "User '$USER_NAME' exists." else echo "User '$USER_NAME' does not exist." exit 1 fi DESKTOP_FOLDER="/Users/$USER_NAME/Desktop/" if [[ "$SHOULD_BLOCK_DESKTOP" = "true" ]]; then echo "Should block $USER_NAME's desktop folder access at $DESKTOP_FOLDER" chown -R root:wheel "$DESKTOP_FOLDER" else echo "Should unblock $USER_NAME's desktop folder access at $DESKTOP_FOLDER" chown -R $USER_NAME:staff "$DESKTOP_FOLDER" fi DOCUMENT_FOLDER="/Users/$USER_NAME/Documents/" if [[ "$SHOULD_BLOCK_DOCUMENT" = "true" ]]; then echo "Should block $USER_NAME's document folder access at $DOCUMENT_FOLDER" chown -R root:wheel "$DOCUMENT_FOLDER" else echo "Should unblock $USER_NAME's document folder access at $DOCUMENT_FOLDER" chown -R $USER_NAME:staff "$DOCUMENT_FOLDER" fi DOWNLOAD_FOLDER="/Users/$USER_NAME/Downloads/" if [[ "$SHOULD_BLOCK_DOWNLOAD" = "true" ]]; then echo "Should block $USER_NAME's document folder access at $DOWNLOAD_FOLDER" chown -R root:wheel "$DOWNLOAD_FOLDER" else echo "Should unblock $USER_NAME's document folder access at $DOWNLOAD_FOLDER" chown -R $USER_NAME:staff "$DOWNLOAD_FOLDER" fi killall Finder- While uploading the script, please select No for the option "Run script as signed-in user," as shown in the image below. 
- While uploading the script, please select No for the option "Run script as signed-in user," as shown in the image below. 
- You can also execute the above script as a Dynamic Script with Custom Propertiesfeature on different devices having different user accounts.
- Create a file on your desktop, for example, manage_folder_access_custom_properties.sh and open it in a text editor like Notepad++
- Copy the contents below to the file or click hereto download the file.Shell
#!/bin/bash #Configure the user_account_name for the device via custom property USER_NAME="%$device.user_account_name%" #Configure the block_desktop_folder for the device via custom property SHOULD_BLOCK_DESKTOP="%$device.block_desktop_folder%" #Configure the block_document_folder for the device via custom property SHOULD_BLOCK_DOCUMENT="%$device.block_document_folder%" #Configure the block_download_folder for the device via custom property SHOULD_BLOCK_DOWNLOAD="%$device.block_download_folder%" ###### DO NOT EDIT CODE BELOW THIS ########## ## Check if user exists if id "$USER_NAME" &>/dev/null; then echo "User '$USER_NAME' exists." else echo "User '$USER_NAME' does not exist." exit 1 fi DESKTOP_FOLDER="/Users/$USER_NAME/Desktop/" if [[ "$SHOULD_BLOCK_DESKTOP" = "true" ]]; then echo "Should block $USER_NAME's desktop folder access at $DESKTOP_FOLDER" chown -R root:wheel "$DESKTOP_FOLDER" else echo "Should unblock $USER_NAME's desktop folder access at $DESKTOP_FOLDER" chown -R $USER_NAME:staff "$DESKTOP_FOLDER" fi DOCUMENT_FOLDER="/Users/$USER_NAME/Documents/" if [[ "$SHOULD_BLOCK_DOCUMENT" = "true" ]]; then echo "Should block $USER_NAME's document folder access at $DOCUMENT_FOLDER" chown -R root:wheel "$DOCUMENT_FOLDER" else echo "Should unblock $USER_NAME's document folder access at $DOCUMENT_FOLDER" chown -R $USER_NAME:staff "$DOCUMENT_FOLDER" fi DOWNLOAD_FOLDER="/Users/$USER_NAME/Downloads/" if [[ "$SHOULD_BLOCK_DOWNLOAD" = "true" ]]; then echo "Should block $USER_NAME's document folder access at $DOWNLOAD_FOLDER" chown -R root:wheel "$DOWNLOAD_FOLDER" else echo "Should unblock $USER_NAME's document folder access at $DOWNLOAD_FOLDER" chown -R $USER_NAME:staff "$DOWNLOAD_FOLDER" fi killall Finder - Note you will need to first create Custom Properties on the dashboard to use this script:
- Configure the custom property with the name user_account_name for the device.
- Configure the customer property with the name block_desktop_folder for the device.
- Configure the customer property with the name block_document_folder for the device.
- Configure the customer property with the name block_download_folder for the device.
- Follow our guide to upload & publish the Shell script using Scalefusion Dashboard.
Please note that to use the Shell scripts, the Scalefusion MDM Client Application must be installed on the device(s). Please follow our guide to publish and install the Scalefusion MDM Agent Application.
Notes:
1. The scripts and their contents are sourced from various albeit authenticated Apple Developer communities and forums.
2. Please validate the scripts on a test machine before deploying them on all your managed devices.
3. Scalefusion has tested these scripts, however, Scalefusion will not be responsible for any data loss or system malfunction that may arise due to the incorrect usage of these scripts.
この記事は役に立ちましたか?
