Create makeMeAdmin.sh

Author: memile123

makeMeAdmin.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+
+currentUser=$(who | awk '/console/{print $1}')
+echo $currentUser
+
+osascript -e 'set T to text returned of (display dialog "Please enter a one line business justification for the admin-level action(s) to be taken." buttons {"Cancel", "OK"} default button "OK" default answer "")'
+	
+    
+osascript -e 'display dialog "Your local computer user account has been elevated to admin privileges for 30 minutes.  Activity is logged." buttons {"Cancel", "OK"} default button 2'
+   
+sudo defaults write /Library/LaunchDaemons/removeAdmin.plist Label -string "removeAdmin"
+
+sudo defaults write /Library/LaunchDaemons/removeAdmin.plist ProgramArguments -array -string /bin/sh -string "/Library/Application Support/JAMF/removeAdminRights.sh"
+
+sudo defaults write /Library/LaunchDaemons/removeAdmin.plist StartInterval -integer 1800
+
+sudo defaults write /Library/LaunchDaemons/removeAdmin.plist RunAtLoad -boolean yes
+
+sudo chown root:wheel /Library/LaunchDaemons/removeAdmin.plist
+sudo chmod 644 /Library/LaunchDaemons/removeAdmin.plist
+
+launchctl load /Library/LaunchDaemons/removeAdmin.plist
+sleep 10
+
+if [ ! -d /private/var/userToRemove ]; then
+	mkdir /private/var/userToRemove
+	echo $currentUser >> /private/var/userToRemove/user
+	else
+		echo $currentUser >> /private/var/userToRemove/user
+fi
+
+/usr/sbin/dseditgroup -o edit -a $currentUser -t user admin
+
+cat << 'EOF' > /Library/Application\ Support/JAMF/removeAdminRights.sh
+if [[ -f /private/var/userToRemove/user ]]; then
+	userToRemove=$(cat /private/var/userToRemove/user)
+	echo "Removing $userToRemove admin privileges"
+	/usr/sbin/dseditgroup -o edit -d $userToRemove -t user admin
+	rm -f /private/var/userToRemove/user
+	launchctl unload /Library/LaunchDaemons/removeAdmin.plist
+	rm /Library/LaunchDaemons/removeAdmin.plist
+	log collect --last 30m --output /private/var/userToRemove/$userToRemove.logarchive
+fi
+
+EOF
+exit 0