Articles July 9, 2007 at 2:16 am

Elmer: Automated Deletion of Mobile ( Portable ) Accounts.

Clean up your PHDs and remove the trailer park of mobile homes you have lying around.

If you run a lab that uses mobile accounts , one of the problems that probably you deal with is the rabbit droppings effect: where users create accounts in the local netinfo database on your lab machines by virtue of logging in. Not only are their accounts cached locally but normally some part of the home directory as well. The normal reason for deploying such an environment is bandwidth concerns with using network accounts. You may re-image your lab enough that the effect is minimal but if your on say a quarterly system chances are these accounts are accumulating exponentially.

Elmer is a script that runs at shutdown and will delete user accounts that have not logged in  ( with a loginhook ) after a configurable number of days . The rationale being that users must synch their information to the server for it to be backed up and these cached copies are just taking up space, and potentially causeing syncs to take longer due to comparisons. This is my first public release of this script so I have endeavored to make sure all is in order,but as always if you have any code additions , bug reports please leave them in the comments or contact me

You  can download the Package Project ->here<- and a pre-built Package ->here<- 

The following is the version 1 of included readme doc:  

Elmer “Rabbit Droppings” remover v1.9

 

These scripts are designed to remove mobile home directories after 15 days

test in a non production environment before deploying!

 

This installer package will install (by default) into /Library/Application Support/Wallcity.

It then runs a postflight script that adds a loginhook and sym links the main script (elmer) to /etc/rc.shutdown.local, which runs at shutdown.

 

Note: That the postflight will not overwrite an existing script so you may call it at the last active line of your existing hook. 

bash ‘/Library/Application Support/Wallcity/loginhook’ $1

Or alternatively you could also use:

exec ‘/Library/Application Support/Wallcity/loginhook’ $1

 

loginhook:

 

This script creates(touches) a file in mobile home directories called “.logintime”, each time the user logs in the file’s modification time is updated. By default non-mobile local accounts, network users and admin users are excluded from the file creation process, but this is configurable.

 

elmer:

 

This script is the payload, working off the files created by the loginhook, this script searches the top directories in the configured home path (/Users) and then finds all touch files that have not been modified in the last 15 days (configurable.) It verifies that the user is not an admin and is indeed a mobile user(authenticationauthority). It double checks to make sure that the path we are about to delete is in fact the uses home directory (NFSHomeDirectory). As the user it attempts to recursively remove all the contents of the home directory , it then removes the empty directory as root ( or moves out of the way in error)

Note: You should exclude “.logintime” from syncing.

 

Note: This script was designed to run at shutdown, if you would like to run as a cron job then you might have it touch /etc/nologin or check that no one if logged in to the console before you start.

In the future more updated information will be available at my companies blog

Leave a reply

You must be logged in to post a comment.