Identifying MDM-managed user accounts using System Information on macOS Tahoe
A while back, I had written a post on how to identify MDM-managed user accounts using the mdmclient command line tool. While this method continues to work on macOS Tahoe, it does have a drawback – the mdmclient tool will only report this information if the MDM-managed user account is currently logged in.
There is an alternative way to get this information though, as it is also available via the System Information app included with macOS. This information should be available regardless of whether the MDM-managed user account is logged in or not.
In the System Information app, you can access information about the MDM-managed user account by selecting the Profiles section, then clicking on the MDM Profile listing. If this Mac has an MDM-managed user account, it should be listed as Managed User in the Other Info section at the end of the MDM Profile listing’s information.
In place of listing the account’s username, the Managed User information provides two items of information:

This information can also be obtained using the system_profiler command line tool, where you should only need the account’s assigned UUID identifier in order to identify the account.
To get the UUID identifier information using the system_profiler tool, the following command can be run:
```
/usr/sbin/system_profiler SPConfigurationProfileDataType | grep "Managed User" | sed -E 's/.* ([0-9A-F-]{36}) .*/\1/'
```
Running this command should provide output similar to that shown below:

```
username@ZWD3QRQYG2 ~ % /usr/sbin/system_profiler SPConfigurationProfileDataType | grep "Managed User" | sed -E 's/.* ([0-9A-F-]{36}) .*/\1/'
88B48FCB-E137-4D9F-B4E9-7806396ACED7
username@ZWD3QRQYG2 ~ %
```

To get the account username, run the following command with the UUID identifier in the appropriate place:
```
/usr/bin/dscl . -search /Users GeneratedUID UUID_goes_here | awk '{print $1}' | head -n 1
```
Running this command should provide output similar to that shown below:

```
username@ZWD3QRQYG2 ~ % /usr/bin/dscl . -search /Users GeneratedUID 88B48FCB-E137-4D9F-B4E9-7806396ACED7 | awk '{print $1}' | head -n 1
username
username@ZWD3QRQYG2 ~ %
```

Using this information, see below for an example script showing how you can get the account’s assigned UUID identifier and then use it to identify the managed user’s username:
```zsh
#!/bin/zsh

# Pull the GeneratedUID from the "Managed User" line of the MDM profile listing.
MDMManagedUserGUID=$(/usr/sbin/system_profiler SPConfigurationProfileDataType | grep "Managed User" | sed -E 's/.* ([0-9A-F-]{36}) .*/\1/')

# Search the local directory for the account with that GeneratedUID and keep its record name.
MDMManagedUserUsername=$(/usr/bin/dscl . -search /Users GeneratedUID "$MDMManagedUserGUID" | awk '{print $1}' | head -n 1 2>/dev/null)

echo "GeneratedUID of the MDM managed user account: $MDMManagedUserGUID"
echo "Username of the MDM managed user account: $MDMManagedUserUsername"
```
Running the example script should provide output similar to that shown below:

```
username@ZWD3QRQYG2 ~ % ./mdm_managed_user_lookup.sh
GeneratedUID of the MDM managed user account: 88B48FCB-E137-4D9F-B4E9-7806396ACED7
Username of the MDM managed user account: username
username@ZWD3QRQYG2 ~ %
```
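
A variant of the lookup that validates what it extracts, as an added example that is not part of the original post: sed prints a non-matching line unchanged, so the functions below pull out only a strictly formed UUID with grep -Eo and return non-zero when no managed user or no matching local account is found. The function names and sample text are constructed for illustration, and the layout of the sample "Managed User" line is an assumption.

```shell
#!/bin/sh
# Added example (not the original author's script): validated managed-user lookup.

# Strict 8-4-4-4-12 uppercase hex form of a GeneratedUID.
UUID_RE='[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}'

# Constructed sample input; the exact "Managed User" line layout is an assumption.
SAMPLE_PROFILE='      Other Info:
          Managed User: 502 88B48FCB-E137-4D9F-B4E9-7806396ACED7 (constructed)'
SAMPLE_DSCL='username    GeneratedUID = (
    "88B48FCB-E137-4D9F-B4E9-7806396ACED7"
)'

# stdin: system_profiler SPConfigurationProfileDataType text.
# Prints the UUID. Returns 1 if none is found, 2 if several distinct ones are.
managed_user_uuid() {
    uuids=$(grep "Managed User" | grep -Eo "$UUID_RE" | sort -u)
    [ -n "$uuids" ] || return 1
    [ "$(printf '%s\n' "$uuids" | grep -c .)" -eq 1 ] || return 2
    printf '%s\n' "$uuids"
}

# stdin: output of dscl . -search /Users GeneratedUID <uuid>.
# Prints the record name; returns 1 when the search matched no account.
username_from_dscl() {
    name=$(awk 'NF { print $1; exit }')
    [ -n "$name" ] || return 1
    printf '%s\n' "$name"
}

main() {
    uuid=$(/usr/sbin/system_profiler SPConfigurationProfileDataType | managed_user_uuid) || {
        echo "No single MDM-managed user UUID found" >&2; return 1; }
    user=$(/usr/bin/dscl . -search /Users GeneratedUID "$uuid" 2>/dev/null | username_from_dscl) || {
        echo "No local account has GeneratedUID $uuid" >&2; return 1; }
    echo "GeneratedUID of the MDM managed user account: $uuid"
    echo "Username of the MDM managed user account: $user"
}

# Only query the live system on a Mac; elsewhere the functions can be fed sample text.
if [ -x /usr/sbin/system_profiler ]; then main; fi
```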
