Script to fix Keychain issues in Mavericks

I have posted before on here with scripts I am working on to support a College coming up with some tools to manage Macs with some configuration scripts.

Anyone who has criticisms/comments for my script here, please: I’m glad to hear it. I’m fairly new at this.

Basically, I wanted to come up with a way of fixing the annoying “login keychain needs access to your local items” prompt which comes up. I, myself, had the annoying problem of being pestered by keychain warnings after I changed my password on my account. My account is a network account that is a local instance of a Windows Active Directory account. After my MacBook picked up the password change, it reflected it for the login, but I was being pestered constantly for the Keychain password, which necessitated that I use the old password to “allow” access for various pieces of the Keychain. Rather than fix it, I set about creating this script to create a tool which I hoped could work for any user.

This script first creates a folder on the logged-in user’s desktop, names it with specifics of the logged-in user and puts a date on it.

It then goes into the local user’s Keychains, ~/Library/Keychains/, and specifically finds what should be the folder with the long alphanumeric name (which is always different, right?). It dumps the keychain contents into a variable and looks at the first paragraph, which should be the alphanumeric folder.

It then uses the name of that first paragraph to pinpoint copying the alpha-numeric folder into the desktop backup folder. Then it does a recursive, forced removal of that folder with the local settings.

The last thing I have yet to do is to also do a pop up reminder telling the user to reboot.

Obviously, this is removing Keychain items, so I consider it a highly dangerous experiment.


(*

Help from: http://macscripter.net/viewtopic.php?id=24737
and from http://macscripter.net/viewtopic.php?id=42880
*)


display dialog "We are going to trash your current Keychain" with icon note buttons {"groovy", "lol, whu? NO!"} default button 1 cancel button 2


set doshellresults to do shell script "ls -l /dev/console"
set punter to word 3 of doshellresults -- fancy way of setting punter to logged in user

set pittedDate to do shell script "date '+%Y%m%d'"
-- this is a variable that puts today's date in an ASCII friendly way
-- such as 20140812

-- we're going to trash keychain settings
-- but to be safe, I am putting them in a folder on the desktop
-- I'm calling the variable 'Dumpster'
set Dumpster to punter & "_keychain_" & pittedDate

tell application "Finder"
	set folderExists to exists of (container Dumpster of (path to desktop))
	if folderExists is true then delete container Dumpster
end tell
-- we are going to yank out the keychain and toss it in our temporary dumpster
-- if the dumpster folder exists, already, this command will delete it

try
	tell application "Finder"
		make new folder at (path to desktop as text) with properties {name:Dumpster}
	end tell
end try

delay 1

-- now's the unforgiving part

try
	set keyHole to do shell script "ls -1 ~/Library/Keychains/"
	-- ls with the switch -1 (that's number one) to avoid listing invisible items with dots at the beginning
	set gaGa to paragraph 1 of keyHole
	-- if all goes correctly, this should be the long argle bargle folder with all annoying local settings
	-- has to be without administrator privileges.  I found doing it with admin privileges doesn't seem to work correctly
end try



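try
	-- quoted form stops the shell from re-interpreting the folder names; ~ stays outside the quotes so it still expands
	do shell script "cp -R ~/Library/Keychains/" & quoted form of gaGa & " ~/Desktop/" & quoted form of Dumpster & "/" with administrator privileges
	do shell script "rm -rf ~/Library/Keychains/" & quoted form of gaGa with administrator privileges
end try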
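
Added example (not part of the original post or the poster's script): a shell version of the backup-then-remove step that selects the local-items folder by its name pattern instead of taking the first line of ls, and deletes only after the copy has been verified. It assumes the folder name has the 8-4-4-4-12 hexadecimal UUID form; the function names are hypothetical.

```shell
#!/bin/sh
# Assumption: the "long alphanumeric" folder is named like a UUID (8-4-4-4-12 hex digits).
UUID_RE='^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}$'

# Print the single UUID-named directory inside $1.
# Fails when there is none or more than one, so nothing is ever guessed.
find_local_items_dir() {
    local dir="$1"
    local entry name found="" count=0
    for entry in "$dir"/*/; do
        [ -d "$entry" ] || continue          # also skips the unexpanded glob
        name=$(basename "$entry")
        if printf '%s\n' "$name" | grep -Eq "$UUID_RE"; then
            found="$name"
            count=$((count + 1))
        fi
    done
    [ "$count" -eq 1 ] || return 1
    printf '%s\n' "$found"
}

# Copy the folder into backup directory $2, verify the copy,
# and only then remove the original from keychain directory $1.
reset_local_items() {
    local keychains="$1"
    local backup="$2"
    local name
    name=$(find_local_items_dir "$keychains") || {
        echo "no unique UUID-named folder in $keychains" >&2
        return 1
    }
    mkdir -p "$backup" || return 1
    # Never overwrite an earlier backup of the same folder.
    [ ! -e "$backup/$name" ] || { echo "backup already holds $name" >&2; return 1; }
    cp -R "$keychains/$name" "$backup/" || return 1
    diff -r "$keychains/$name" "$backup/$name" >/dev/null || return 1
    # ${var:?} aborts instead of expanding to a bare directory if a name is empty.
    rm -rf -- "${keychains:?}/${name:?}"
}

# Usage on the Mac itself, run as the logged-in user (no administrator rights):
# reset_local_items "$HOME/Library/Keychains" "$HOME/Desktop/${USER}_keychain_$(date +%Y%m%d)"
```
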




Hi,

There are some things which can be accomplished much more easily and faster with pure AppleScript rather than using a shell script.


set doshellresults to do shell script "ls -l /dev/console"
set punter to word 3 of doshellresults -- fancy way of setting punter to logged in user

is the same as

set punter to short user name of (system info)

This


try
	set keyHole to do shell script "ls -1 ~/Library/Keychains/"
	set gaGa to paragraph 1 of keyHole
end try

can be replaced with


set keychainFolder to path to keychain folder
try
	tell application "Finder" to set gaGa to name of first folder of keychainFolder
end try

As the desktop folder is the default location of the Finder, you can replace


tell application "Finder"
	set folderExists to exists of (container Dumpster of (path to desktop))
	if folderExists is true then delete container Dumpster
end tell
try
	tell application "Finder"
		make new folder at (path to desktop as text) with properties {name:Dumpster}
	end tell
end try

with


tell application "Finder"
	if exists folder Dumpster then
		delete every item of folder Dumpster
	else
		make new folder with properties {name:Dumpster}
	end if
end tell

If the folder exists, all items in the folder are deleted instead of deleting and recreating the folder.

All of those edits work wonderfully. Thanks for your help!

Cheers,
