Bug: Script does not appear to support non-PSSO environments #81
Description
**Describe the bug✱
When using the script with Jamf Pro, a portion of the script that checks for PSSO registration will cause the system to recon back to jamf with a potential incorrect username.
To Reproduce
- Noticed after running 3.1.0 in silent mode across my fleet.
- Please detail any modifications. No modifications that are relevant to this bug.
**MHC Script✱
The script contains this section:
# Platform Single Sign-on Extension
pssoeEmail=$( dscl . read /Users/"${loggedInUser}" dsAttrTypeStandard:AltSecurityIdentities 2>/dev/null | awk -F'SSO:' '/PlatformSSO/ {print $2}' )
if [[ -n "${pssoeEmail}" ]]; then
platformSSOeResult="${pssoeEmail}"
else
platformSSOeResult="${loggedInUser} NOT logged in"
fi
Due to not yet deploying Platform Single Sign-on, MHC is recording all systems as platformSSOeResult=${loggedInUser} NOT logged in, and then submitting jamf recon -endUsername "${platformSSOeResult}" which overwrites the current username within Jamf Pro with "tonyyoung NOT logged in" as an example.
While I have fixed the script manually in my environment, I wanted to submit a ticket so it can be tracked in case other orgs run into the same issue.
Unfortunately, due to the nature of my organization, full logging cannot be provided at this time.
Environment (please complete the following information):
- OS version: macOS 26.3
- MDM: Jamf Pro 11.24 (on-premise)
- Script version: 3.1.0 [silent]
Additional context
https://github.com/dan-snelson/Mac-Health-Check/blob/22885a2f2e874790eca2d913637c1b4a235eef2e/Mac-Health-Check.zsh#L386C1-L392C3
and
https://github.com/dan-snelson/Mac-Health-Check/blob/22885a2f2e874790eca2d913637c1b4a235eef2e/Mac-Health-Check.zsh#L4047C1-L4053C11