Issue: Push (profile, APP) function does not work:
Check if the server cert is expired, try renewing your Apple Push Notification Certificate:
– Go to the Server.app
– Server Name at top left
– Settings / Notifications
– Edit Apple ID
Logout script ( for Proxy software, I will take cyberhound as example):
Create a script file:
#!/bin/sh curl -s https://auth.localnetwork.zone/logout > /dev/null
Chmod +x file_name
Then hook this file to the system LogoutHook
defaults write com.apple.loginwindow LogoutHook /path/to/script
You can check the result by
Defaults read com.apple.loginwindow LogoutHook
Test if this logout by switching user, and check auth.localnetwork.zone in a browser, see if you login with the current user, if it still show the previous logged in user, troubleshoot.
Deploy the script
This script can be deployed either Profile manager or Remote Desktop.
Via Profile manager:
Go to Device groups, select the group you want to deploy, click Settings Tab, click General,
Select Automatic Push.
Then go to Login Window, on the right select Scripts tab.
Defaults write com.apple.loginwindow EnableMCXLoginScripts -bool TRUE Defaults write com.apple.loginwindow MCXScriptTrust Authenticated
Deploy with MAC Remote desktop
Then copy file to the target computer with Remote Desktop:
Click + button to select the script file you created.I don’t want to user see this file and do anything on it, so I will place it in a system folder, then select the “Specify full path…” under “Place the items in:”
Then type the destination path, which is /etc for me, click OK.
If an item already exists, I will select “Replace the item” instead of “Ask what to do” since this is will be unattended.
You can either select schedule, or click Copy to do it now.
use grep LogoutScript /var/log/system.log