Share this page : facebooktwitterlinkedinmailfacebooktwitterlinkedinmail

Issue: Push (profile, APP) function does not work:

 

Solution:

Check if the server cert is expired, try renewing your Apple Push Notification Certificate:

 

– Go to the Server.app

– Server Name at top left

– Settings / Notifications

– Edit Apple ID

– Renew

 

 

Logout script ( for Proxy software, I will take cyberhound as example):

 

Local test:

Create a script file:

#!/bin/sh

curl -s https://auth.localnetwork.zone/logout > /dev/null
Chmod +x file_name

Then hook this file to the system LogoutHook

defaults write com.apple.loginwindow LogoutHook /path/to/script

You can check the result by

Defaults read com.apple.loginwindow LogoutHook

Test if this logout by switching user, and check auth.localnetwork.zone in a browser, see if you login with the current user, if it still show the previous logged in user, troubleshoot.

Deploy the script

This script can be deployed either Profile manager or Remote Desktop.

Via Profile manager:

Go to Device groups, select the group you want to deploy, click Settings Tab, click General, 

 

Select Automatic Push.

Then go to Login Window, on the right select Scripts tab.

Defaults write com.apple.loginwindow  EnableMCXLoginScripts -bool TRUE

Defaults write com.apple.loginwindow MCXScriptTrust Authenticated

Deploy with MAC Remote desktop

Then copy file to the target computer with Remote Desktop:

Click + button to select the script file you created.I don’t want to user see this file and do anything on it, so I will place it in a system folder, then select the “Specify full path…” under “Place the items in:”

Then type the destination path, which is /etc for me, click OK.

If an item already exists, I will select “Replace the item” instead of “Ask what to do” since this is will be unattended.

You can either select schedule, or click Copy to do it now.

 

Troubleshoot:

use grep LogoutScript /var/log/system.log