A significant update to the practical and user-friendly approach to surfacing Mac health information directly to end-users via Jamf Pro Self Service
Mac Health Check provides a practical and user-friendly approach to surfacing Mac compliance information directly to end-users via Jamf Pro Self Service.
Built using the open-source utility swiftDialog, the solution acts as a “heads-up display” that presents real-time system health and policy compliance status in a clear and interactive format.
Deployment of Mac Health Check involves configuring organizational defaults, embedding the script in Jamf Pro, creating a policy to run it on demand and testing to ensure proper output and behavior.
Administrators can customize the user interface using swiftDialog’s visual capabilities, making the experience both informative and approachable.
The tool logs results for review, while not altering device configuration, and a new "Silent" Operation Mode makes Mac Health Check ideal for IT visibility without end-user intrusion.
Four Corners & Silver State September 2025 Meetup (25-Sep-2025)
Mac Health Check is particularly valuable in IT support workflows, serving as an initial triage point for Tier 1 support by confirming network access, credentials, and Jamf Pro connectivity, while also acting as a verification tool for Tier 2 teams both during and after remediation efforts.
- User has a working Internet connection
- User knows their directory credentials
- Mac can execute policies
- Validates Network Access Controls
- Initial assessment for support sessions
- Easily confirms remediation efforts
- Provides peace-of-mind for end-users
- Silently performs all health checks and logs results
- No dialog is presented to the end-user
- Ideal for background compliance reporting
- Complements existing MDM compliance frameworks
The following health checks and information reporting are included and the script operates in “test” mode by default. (Change operationMode to production when ready to deploy in production.)
- macOS Version
- Available Updates (including deferred and DDM-enforced updates)
- System Integrity Protection
- Signed System Volume (SSV)
- Firewall
- FileVault Encryption
- Gatekeeper / XProtect
- Touch ID 🆕
- VPN Client
- Last Reboot
- Free Disk Space
- User's Directory Size and Item Count
- Desktop
- Downloads
- Trash
- MDM Profile
- MDM Certificate Expiration
- Apple Push Notification service
- Jamf Pro Check-in
- Jamf Pro Inventory
- Extended Network Checks
- Apple Push Notification Hosts
- Apple Device Management
- Apple Software and Carrier Updates
- Apple Certificate Validation
- Apple Identity and Content Services
- Jamf Hosts
- Electron Corner Mask 🆕 🔗
- Organizationally required Applications (i.e., Microsoft Teams)
- BeyondTrust Privilege Management*
- Cisco Umbrella*
- CrowdStrike Falcon*
- Palo Alto GlobalProtect*
- Network Quality Test
- Update Computer Inventory
*Requires external check
- Telephone
- Website
- Knowledge Base Article
- Full Name
- User Name
- User ID
- Secure Token
- Location Services
- Microsoft OneDrive Sync Date
- Platform Single Sign-on Extension
- macOS version (build)
- System Memory
- System Storage
- Dialog version
- Script version
- Computer Name
- Serial Number
- Wi-Fi SSID
- Wi-FI IP Address
- VPN IP Address
- Jamf Pro Computer ID
- Site
**Payload Variables for Configuration Profiles
MHC (2.6.0): 2025-11-06 03:43:13 - [NOTICE] WARNING: 'localadmin' IS A MEMBER OF 'admin';
User: macOS Server Administrator (localadmin) [503] staff everyone localaccounts _appserverusr
admin _appserveradm com.apple.sharepoint.group.4 com.apple.sharepoint.group.3
com.apple.sharepoint.group.1 _appstore _lpadmin _lpoperator _developer _analyticsusers
com.apple.access_ftp com.apple.access_screensharing com.apple.access_ssh com.apple.access_remote_ae
com.apple.sharepoint.group.2; Bootstrap Token supported on server: YES;
Bootstrap Token escrowed to server: YES; sudo Check: /etc/sudoers: parsed OK;
sudoers: root ALL = (ALL) ALL %admin ALL = (ALL) ALL ; Platform SSOe: localadmin NOT logged in;
Location Services: Enabled; SSH: On; Microsoft OneDrive Sync Date: Not Configured;
Time Machine Backup Date: Not configured; localadmin's Desktop Size: 160M for 116 item(s);
localadmin's Trash Size: 1.8M for 3 item(s); Battery Cycle Count: 0; Wi-Fi: Liahona;
Ethernet IP address: 17.113.201.250; VPN IP: 17.113.201.250;
Network Time Server: time.apple.com; Jamf Pro Computer ID: 007; Site: Servers
- Warning when logged-in user is a member of
admin - Deferred Software Updates
- Logged-In User Group Membership
- Bootstrap Token
- sudoers
- Kerberos SSOe
- Location Services
- SSH
- Time Machine
- Battery Cycle Count
- Network Time Server
- Jamf Pro Computer ID
Community-supplied, best-effort support is available on the Mac Admins Slack (free, registration required) #mac-health-check Channel, or you can open an issue.
Deployment of Mac Health Check involves configuring organizational defaults, embedding the script in Jamf Pro, creating a policy to run it on demand and testing to ensure proper output and behavior.