mthielemann
commented
1 month ago @aduffner Good idea but I would not misuse the expires field for a timestamp but add an additional timestamp field. Would this work for you?
Closed aduffner closed 1 month ago
mthielemann
commented
1 month ago @aduffner Good idea but I would not misuse the expires field for a timestamp but add an additional timestamp field. Would this work for you?
mthielemann
commented
1 month ago Starting with build 1813 the JSON looks like this:
{
"admin":true,
"expires":"2024-10-25T07:24:19Z",
"machine":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"reason":"",
"timestamp":"2024-10-25T07:19:19Z",
"user":"xxxxxxxxx"
}
{
"admin":false,
"expires":"",
"machine":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"reason":"requested by user",
"timestamp":"2024-10-25T07:19:19Z",
"user":"xxxxxxxxx"
}
{
"admin":false,
"expires":"",
"machine":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"reason":"privileges expired",
"timestamp":"2024-10-25T07:19:19Z",
"user":"xxxxxxxxx"
}In addition to this the regular logging has been changed to this:
User xxxxxxxxx now has standard user privileges (requested by user)
User xxxxxxxxx now has standard user privileges (privileges expired)
aduffner
commented
1 month ago @mthielemann Love it! You have turned my original idea into a holistic approach.
aduffner
commented
1 month ago Result/Example 🤩
Request Body JSON Schema:
{
"type": "object",
"properties": {
"admin": {
"type": "boolean"
},
"expires": {
"type": "string"
},
"machine": {
"type": "string"
},
"reason": {
"type": "string"
},
"timestamp": {
"type": "string"
},
"user": {
"type": "string"
}
}
}
Referencing: macOS 15.0.1 (24A348) with Privileges Beta 2.0.0 (1805)
Of course Power Automate can give me a date, but it would be easier if the post message included when and how the user terminated their admin rights locally (time expired or self terminated).