Needs some help, new to AppleScript

Hey all, I’m new to the forums and new to AppleScript, but not to macOS.

I work for a rather large company that is looking to better utilize and deploy Macs to users.

We currently do not have an MDM setup and Apple has now all but eliminated imaging with T2 devices and Mojave, thus making my images useless. …So I have started scripting.

Basically I originally had 4 scripts that had to be manually run on the new machines.

In order to make things easier for other members of my team (they don’t have any macOS experience), I set out to combine them all into a toolkit-like utility.

What I have works now really well, provided it’s run in sequential order.

Is there any way to modify this so that the commands run regardless of what order the person chooses?

Any help is greatly appreciated!


display dialog "macOS Prep Toolkit v. 0.1 Beta
Created by REDACTED 

This toolkit will assist you in preparing this device for deployment. 

If you wish to proceed, select Continue." with icon note buttons {"Exit", "Continue"}
if the button returned of the result is "Exit" then
	return
else if the button returned of the result is "Continue" then
end if
set mychoice to (choose from list {"1. Hide System Apps", "2. Enable Root User", "3. Disable FileVault Auto Login", "4. Hide Admin Accounts"} with prompt "What would you like to do?" OK button name {"Ok"} cancel button name {"Exit"})
if mychoice is false then return
display dialog "Toolkit will now automatically hide all non-essential Apple applications from the Applications folder. 

Hidden applications are still searchable via Spotlight. 

Once the command is finished, the dock will restart." with icon note buttons {"Exit", "Continue"}
if the button returned of the result is "Exit" then
	return
else if the button returned of the result is "Continue" then
end if
set selectedOption to "1. Hide System Apps"
tell application "Terminal"
	do shell script "sudo chflags hidden /Applications/App\\ Store.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Automator.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Books.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Calendar.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Contacts.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Chess.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/FaceTime.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Home.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/iTunes.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Mail.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Maps.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Messages.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/News.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Photo\\ Booth.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Reminders.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Siri.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Stocks.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Time\\ Machine.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/VoiceMemos.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo killall Dock" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Utilities/Bluetooth\\ File\\ Exchange.app" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo chflags hidden /Applications/Utilities/Boot\\ Camp\\ Assistant.app" user name "REDACTED" password "REDACTED" with administrator privileges
end tell
set theDialogText to "Operation completed, would you like to continue?"
display dialog theDialogText buttons {"Exit", "Continue"} default button "Continue" cancel button "Exit"
set mychoice to (choose from list {"1. Hide System Apps", "2. Enable Root User", "3. Disable FileVault Auto Login", "4. Hide Admin Accounts"} with prompt "What would you like to do?" OK button name {"Ok"} cancel button name {"Exit"})
if mychoice is false then return
set selectedOption to "2. Enable Root User."
display dialog "Toolkit will now enable the root account. 

The root account is a superuser with full read/write privileges to the system and is REQUIRED for CA to run. 

Select 'OK' to continue." with icon note buttons {"Exit", "Continue"}
tell application "Terminal"
	do shell script "dsenableroot -u REDACTED -p REDACTED -r REDACTED"
end tell
set theDialogText to "Operation completed, would you like to continue?"
display dialog theDialogText buttons {"Exit", "Continue"} default button "Continue" cancel button "Exit"
set mychoice to (choose from list {"1. Hide System Apps", "2. Enable Root User", "3. Disable FileVault Auto Login", "4. Hide Admin Accounts"} with prompt "What would you like to do?" OK button name {"Ok"} cancel button name {"Exit"})
if mychoice is false then return
set selectedOption to "3. Disable FileVault Auto Login"
display dialog "Toolkit will now disable the built-in auto login of the FileVault account after encryption. Select 'OK' to continue." with icon note buttons {"Exit", "Continue"}
tell application "Terminal"
	do shell script "sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES" user name "REDACTED" password "REDACTED" with administrator privileges
	
	do shell script "sudo touch /System/Library/PrivateFrameworks/EFILogin.framework/Resources/EFIResourceBuilder.bundle/Contents/Resources" user name "REDACTED" password "REDACTED" with administrator privileges
end tell
set theDialogText to "Operation completed, would you like to continue?"
display dialog theDialogText buttons {"Exit", "Continue"} default button "Continue" cancel button "Exit"
set mychoice to (choose from list {"1. Hide System Apps", "2. Enable Root User", "3. Disable FileVault Auto Login", "4. Hide Admin Accounts"} with prompt "What would you like to do?" OK button name {"Ok"} cancel button name {"Exit"})
if mychoice is false then return
set selectedOption to "4. Hide Admin Accounts"
display dialog "This script should be ran LAST in the build process and only AFTER the machine has been encrypted. 

It is designed to hide all administrator accounts from System Preferences > Users and Groups as well as fully disable the FileVault account from logging in after encryption. 

Select 'Continue' to confirm that the machine has been encrypted and continue." with icon note buttons {"Exit", "Continue"}
tell application "Terminal"
	do shell script "sudo dscl . create /Users/FileVault IsHidden 1" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo dscl . create /Users/REDACTED IsHidden 1" user name "REDACTED" password "REDACTED" with administrator privileges
	do shell script "sudo pwpolicy -u FileVault disableuser" user name "REDACTED" password "REDACTED" with administrator privileges
	display dialog "All operations completed. Thank you." with icon note buttons {"Exit"}
end tell

Model: MacBook Pro 2018
AppleScript: Version 2.11 (203)
Browser: Safari 605.1.15
Operating System: macOS 10.14

Hi. Welcome to MacScripter.

What you want is doable, but I’m not clear if all the options have to be eventually performed. The modification below uses a repeat which allows the first three options to be performed in any order and then goes on to the last — unless an “Exit” button’s clicked at any stage in the process, in which case the script stops and you have to start again from the beginning. It would be easy to modify it simply to exit the repeat on an “Exit” click and go on to the last item from there.

do shell script is one of AppleScript’s StandardAdditions commands. You don’t need to tell the Terminal to execute it. Terminal does have a do script command, which executes given text in one of its windows. But do shell script opens its own shell, executes the given code, and closes the shell again without Terminal. If you have several consecutive shell commands to execute, you may find the process slightly faster if you put them all in one string, separated with semicolons, and use just one do shell script command to execute them.


display dialog "macOS Prep Toolkit v. 0.1 Beta
Created by REDACTED 

This toolkit will assist you in preparing this device for deployment. 

If you wish to proceed, select Continue." with icon note buttons {"Exit", "Continue"} cancel button "Exit"

set first3Options to {"1. Hide System Apps", "2. Enable Root User", "3. Disable FileVault Auto Login"}
set i to 0
repeat until (i = 3) -- Until the first three options have been executed or an "Exit" button's clicked.
	set mychoice to (choose from list first3Options with prompt "What would you like to do?" OK button name {"Ok"} cancel button name {"Exit"})
	if mychoice is false then return
	set selectedOption to beginning of mychoice
	
	if (selectedOption is "1. Hide System Apps") then
		display dialog "Toolkit will now automatically hide all non-essential Apple applications from the Applications folder. 

Hidden applications are still searchable via Spotlight. 

Once the command is finished, the dock will restart." with icon note buttons {"Exit", "Continue"} cancel button "Exit"
		
		do shell script "sudo chflags hidden /Applications/App\\ Store.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Automator.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Books.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Calendar.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Contacts.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Chess.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/FaceTime.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Home.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/iTunes.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Mail.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Maps.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Messages.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/News.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Photo\\ Booth.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Reminders.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Siri.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Stocks.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Time\\ Machine.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/VoiceMemos.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo killall Dock" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Utilities/Bluetooth\\ File\\ Exchange.app" user name "REDACTED" password "REDACTED" with administrator privileges
		do shell script "sudo chflags hidden /Applications/Utilities/Boot\\ Camp\\ Assistant.app" user name "REDACTED" password "REDACTED" with administrator privileges
		
		set theDialogText to "Operation completed, would you like to continue?"
		display dialog theDialogText buttons {"Exit", "Continue"} default button "Continue" cancel button "Exit"
		set item 1 of first3Options to "1. [done]"
		set i to i + 1
		
	else if (selectedOption is "2. Enable Root User") then
		display dialog "Toolkit will now enable the root account. 

The root account is a superuser with full read/write privileges to the system and is REQUIRED for CA to run. 

Select 'Continue' to continue." with icon note buttons {"Exit", "Continue"} cancel button "Exit"
		
		do shell script "dsenableroot -u REDACTED -p REDACTED -r REDACTED"
		
		set theDialogText to "Operation completed, would you like to continue?"
		display dialog theDialogText buttons {"Exit", "Continue"} default button "Continue" cancel button "Exit"
		set item 2 of first3Options to "2. [done]"
		set i to i + 1
		
	else if (selectedOption is "3. Disable FileVault Auto Login") then
		display dialog "Toolkit will now disable the built-in auto login of the FileVault account after encryption. Select 'OK' to continue." with icon note buttons {"Exit", "Continue"} cancel button "Exit"
		
		do shell script "sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutoLogin -bool YES" user name "REDACTED" password "REDACTED" with administrator privileges
		
		do shell script "sudo touch /System/Library/PrivateFrameworks/EFILogin.framework/Resources/EFIResourceBuilder.bundle/Contents/Resources" user name "REDACTED" password "REDACTED" with administrator privileges
		
		set theDialogText to "Operation completed, would you like to continue?"
		display dialog theDialogText buttons {"Exit", "Continue"} default button "Continue" cancel button "Exit"
		set item 3 of first3Options to "3. [done]"
		set i to i + 1
		
	else
		-- display dialog "You've already done this option!
	end if
end repeat

-- Last option after the other three.
display dialog "4. Hide Admin Accounts

This part should be run LAST in the build process and only AFTER the machine has been encrypted. 

It is designed to hide all administrator accounts from System Preferences > Users and Groups as well as fully disable the FileVault account from logging in after encryption. 

Select 'Continue' to confirm that the machine has been encrypted and continue." with icon note buttons {"Exit", "Continue"} cancel button "Exit"

do shell script "sudo dscl . create /Users/FileVault IsHidden 1" user name "REDACTED" password "REDACTED" with administrator privileges
do shell script "sudo dscl . create /Users/REDACTED IsHidden 1" user name "REDACTED" password "REDACTED" with administrator privileges
do shell script "sudo pwpolicy -u FileVault disableuser" user name "REDACTED" password "REDACTED" with administrator privileges
display dialog "All operations completed. Thank you." with icon note buttons {"Exit"} cancel button "Exit"

Edit: bug fix as discussed below.
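
Added example, not part of the original posts: the reply's suggestion of putting consecutive shell commands in one string and running them with a single do shell script, applied to the app list from this thread. It assumes the person running it can authenticate as an administrator, so the user name and password parameters are left out and macOS shows its own authentication prompt instead of the script carrying admin credentials in plain text; sudo is dropped because with administrator privileges already runs the command as root.

```applescript
-- Added example (not from the thread). App names are the ones listed in the posts above.
set appNames to {"App Store", "Automator", "Books", "Calendar", "Contacts", "Chess", ¬
	"FaceTime", "Home", "iTunes", "Mail", "Maps", "Messages", "News", "Photo Booth", ¬
	"Reminders", "Siri", "Stocks", "Time Machine", "VoiceMemos"}
set utilityNames to {"Bluetooth File Exchange", "Boot Camp Assistant"}

-- Build one command string, separating the commands with semicolons.
-- "quoted form of" produces a shell-safe path, so spaces need no manual escaping.
set shellCmd to ""
repeat with appName in appNames
	set appPath to "/Applications/" & (contents of appName) & ".app"
	set shellCmd to shellCmd & "chflags hidden " & quoted form of appPath & "; "
end repeat
repeat with appName in utilityNames
	set appPath to "/Applications/Utilities/" & (contents of appName) & ".app"
	set shellCmd to shellCmd & "chflags hidden " & quoted form of appPath & "; "
end repeat

-- Restart the Dock once, after every flag has been set.
-- With ";" separators a chflags failure (for example a missing app) does not stop
-- the remaining commands; only the exit status of the last command is reported.
set shellCmd to shellCmd & "killall Dock"

-- One shell, one authentication prompt, no credentials stored in the script.
-- Assumption: the operator knows an administrator account's password.
do shell script shellCmd with administrator privileges
```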

Yes, all the options are needed. I tried running this on my test machine and option 2 doesn’t do anything. Just returns me to my choices. I appreciate all the help, sir.

Ah. Sorry. Try leaving out the full stop after “User” in this line:

else if (selectedOption is "2. Enable Root User.") then

I click option 2 and it keeps bringing me back to my “what would you like to do?”

The fix I suggested works. But I’ve now edited the script in post #2 to include it. Let me know if there are still any problems.