Platypus Applications and Scripting

Recently, I was given an interesting task by one of our clients. They had merged with another organization a few months back, and it’s finally time for their Office 365 accounts to merge. But, because of the way Office 365 is tenanted, you have to migrate the data behind the scenes, switch DNS records, and then setup Outlook from scratch.

That’s not ideal. It’s also a lot to explain over the phone as you help users through the process.

So how could we automate this?

We needed to do a few things:

  1. Unlicense Office 365
  2. Remove the Email account.
  3. Re-license Office
  4. Re-setup the Email account.

Unlicensing things was easy to handle, thanks to Microsoft’s Paul Bowden, there’s an easy-to-run script for that. Re-licensing and setting up the email can be done in chained steps, thanks to how Outlook handles initial user setup. If there’s no Outlook Profile, it creates a new profile, handles licensure, and uses that licensing account to setup the initial email. Cool, that part’s handled. All we need to do is remove the Outlook Profile in its entirety.

Then I remembered that Outlook could have local mail stored in the On My Computer folders that are available if you turn them on. Last thing I wanted was to find out that we’d removed the Outlook Profile and nuked a bunch of archival information that our customer was relying on.

Turns out, Paul was ahead of me there, too, and had written a script that returns the size of those folders! It’s designed for use with a Jamf Extension Attribute, but I could use this on disk to cat out a size value to a text file on disk, and use string comparison to check for a value that is anything other than 0.00.

I wrote a script that let me reference both of those other scripts, but now that’s a lot to expect a non-technical user to do, so what if we could wrap this in an app somehow?

Enter Platypus.

Platypus is a Mac App that creates other Mac Apps out of shell scripts, python scripts, tcl scripts and more, and it will let you string together other files as resources, available to the primary script.

In this case, I chose my short script that references the Unlicense and scripts, re-pathed those references to inside the same folder as the primary script, and added an icon, bundle identifier, and name for the app.

Once I had built the app, it was important to sign it and notarize it, in case we decided to distribute through direct download means:

codesign --deep --force --verify --verbose --timestamp --options runtime --sign "Developer ID Application: Technolutionary LLC (ABCDEF1234)"

ditto -c -k --keepParent

xcrun altool --notarize-app -f --primary-bundle-id "com.nope.OutlookChanges" -u -p your-app-specific-pass-here

These three commands sign the application bundle, zip it up, and then submit it for notarization. Once notarized, you can staple the app easily with another command:

xcrun stapler staple

A review of the application with What’s My Sign will show its status:

And now we have an application we can use to do the task! Thanks Platypus!