Read NoMAD configuration values from Managed Preferences (#50)

Read NoMAD configuration values from /Library/Managed Preferences before reading them from ~/Library/Preferences. In manual testing with split preferences, UseKeychain is now being read from Managed Preferences plist while UserPrincipal is still being read from the user's preferences plist. This will avoid users having to use that manual workaround on corporate managed devices that deploy a configuration profile to manage NoMAD. Fixes: #32 Co-authored-by: Seng Ern Gan <sengern.gan@anz.com>
samuong · Mar 8, 2020 · 80b4c59 · 80b4c59
1 parent 948b151
commit 80b4c59
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 3 deletions.
diff --git a/AUTHORS b/AUTHORS
@@ -4,3 +4,4 @@ James Moriarty <jamespaulmoriarty@gmail.com>
 Julia Ogris <julia.ogris@gmail.com>
 Keith Ferguson <keith.ferguson@anz.com>
 Sam Uong <samuong@gmail.com>
+Seng Ern Gan <sengern.gan@anz.com>
diff --git a/nomad_darwin.go b/nomad_darwin.go
@@ -1,4 +1,4 @@
-// Copyright 2019 The Alpaca Authors
+// Copyright 2019,2020 The Alpaca Authors
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@ package main
 
 import (
 	"errors"
+	"fmt"
 	"log"
 	"os/exec"
 	"strings"
@@ -31,8 +32,15 @@ func init() {
 }
 
 func readDefaultForNoMAD(key string) (string, error) {
-	cmd := execCommand("defaults", "read", "com.trusourcelabs.NoMAD", key)
-	out, err := cmd.Output()
+	userDomain := "com.trusourcelabs.NoMAD"
+	mpDomain := fmt.Sprintf("/Library/Managed Preferences/%s.plist", userDomain)
+
+	// Read from managed preferences first
+	out, err := execCommand("defaults", "read", mpDomain, key).Output()
+	if err != nil {
+		// Read from user preferences if not in managed preferences
+		out, err = execCommand("defaults", "read", userDomain, key).Output()
+	}
 	if err != nil {
 		return "", err
 	}