A practical and user-friendly approach to surfacing Mac compliance information directly to end-users via Jamf Pro Self Service
Mac Health Check provides a practical and user-friendly approach to surfacing Mac compliance information directly to end-users via Jamf Pro Self Service.
Built using the open-source utility swiftDialog, the solution acts as a “heads-up display” that presents real-time system health and policy compliance status in a clear and interactive format.
Deployment of Mac Health Check involves configuring organizational defaults, embedding the script in Jamf Pro, creating a policy to run it on demand and testing to ensure proper output and behavior.
Administrators can customize the user interface using swiftDialog’s visual capabilities, making the experience both informative and approachable.
The tool logs results for IT review, while not altering device configurations, making it ideal for visibility without intrusion.
University of Utah Mac Admins (July 2025)
Mac Health Check is particularly valuable in IT support workflows, serving as an initial triage point for Tier 1 support by confirming network access, credentials, and Jamf Pro connectivity, while also acting as a verification tool for Tier 2 teams both during and after remediation efforts.
- User has a working Internet connection
- User knows their directory credentials
- Mac can execute policies
- Validates Network Access Controls
- Initial assessment for support sessions
- Easily confirms remediation efforts
- Provides peace-of-mind for end-users
The following health checks and information reporting are included and the script operates in “test” mode by default. (Change operationMode to production when ready to deploy in production.)
- macOS Version
- Available Updates (including deferred updates)
- System Integrity Protection
- Firewall
- FileVault Encryption
- Last Reboot
- Free Disk Space
- MDM Profile
- MDM Certificate Expiration
- Apple Push Notification service
- Jamf Pro Check-in
- Jamf Pro Inventory
- BeyondTrust Privilege Management*
- Cisco Umbrella*
- CrowdStrike Falcon*
- Palo Alto GlobalProtect*
- Network Quality Test
- Update Computer Inventory
*Requires external check
- Telephone
- Website
- Knowledge Base Article
- Full Name
- User Name
- User ID
- Secure Token
- Location Services
- Microsoft OneDrive Sync Date
- Platform Single Sign-on Extension
- macOS version (and build)
- Computer Name
- Serial Number
- Wi-Fi SSID
- Wi-FI IP Address
- VPN IP Address
- Jamf Pro Computer ID
- Site
**Payload Variables for Configuration Profiles
MHC (2.1.0): 2025-07-24 03:43:13 - [NOTICE] WARNING: 'localadmin' IS A MEMBER OF 'admin';
User: macOS Server Administrator (localadmin) [503] staff everyone localaccounts _appserverusr
admin _appserveradm com.apple.sharepoint.group.4 com.apple.sharepoint.group.3
com.apple.sharepoint.group.1 _appstore _lpadmin _lpoperator _developer _analyticsusers
com.apple.access_ftp com.apple.access_screensharing com.apple.access_ssh com.apple.access_remote_ae
com.apple.sharepoint.group.2; Bootstrap Token supported on server: YES;
Bootstrap Token escrowed to server: YES; sudo Check: /etc/sudoers: parsed OK;
sudoers: root ALL = (ALL) ALL %admin ALL = (ALL) ALL ; Platform SSOe: localadmin NOT logged in;
Location Services: Enabled; SSH: On; Microsoft OneDrive Sync Date: Not Configured;
Time Machine Backup Date: Not configured ; Battery Cycle Count: 0; Wi-Fi: Liahona;
Ethernet IP address: 17.113.201.250; VPN IP: 17.113.201.250; Network Time Server: time.apple.com;
Jamf Pro ID: 007; Site: Servers
- Warning when logged-in user is a member of
admin - Deferred Software Updates
- Logged-In User Group Membership
- Bootstrap Token
- sudoers
- Kerberos SSOe
- Location Services
- SSH
- Time Machine
- Battery Cycle Count
- Network Time Server
- Jamf Pro ID
Community-supplied, best-effort support is available on the Mac Admins Slack (free, registration required) #mac-health-check Channel, or you can open an issue.
Deployment of Mac Health Check involves configuring organizational defaults, embedding the script in Jamf Pro, creating a policy to run it on demand and testing to ensure proper output and behavior.