In the environment that I manage we have many departments that try to avoid central IT’s meddling hands (aka mine) and hire their own IT staff. Commonly these individuals use the out of the box installation of Windows or OSX and never properly configure the devices to meet our compliance requirements.
In order to easily detect which OSX devices are not running my image I use the following detection script in a LANDesk custom vulnerability:
*Note: my image has a file on it called imagetag.txt under the /etc/ directory, which is not there by default.
#!/bin/bash #ISMAC=TRUE Detected=0 primaryKey="/etc/imagetag.txt" # Has our Image if [ -f "$primaryKey" ]; then echo [QUOT]Detected:$Detected[QUOT] # Does not have our Image else Detected=1 Reason=[QUOT]Not running standard image[QUOT] Expected=[QUOT]Expected the standard image to be installed[QUOT] echo [QUOT]Detected:$Detected[QUOT] echo [QUOT]Reason:$Reason[QUOT] echo [QUOT]Expected:$Expected[QUOT] echo [QUOT]Found:$Reason[QUOT] fi exit 0
Any devices that show up in the “detected column” in LANDesk do not have my image and stand out like a sore thumb.