Skip to main content

Clean Uninstallation of Rippling from macOS Devices Using Swif

Updated over a month ago

This guide will help administrators ensure that Rippling MDM and associated components are completely removed from macOS devices, preventing conflicts or interference with Swif's MDM-installed profiles.

Step-by-Step Guide

Step 1: Create a Command in Swif

Follow the instructions provided here to create a new command. When defining the command, use the following shell script:

#!/bin/bash

# Rippling MDM Removal Script for macOS
# This script will uninstall the Rippling agent and all associated components.
# It unloads and removes Rippling LaunchDaemons/LaunchAgents, deletes Rippling files and directories,
# removes any Rippling configuration profiles, and resets custom settings (like login window text).
# Designed to run as root (e.g., via MDM) without any interactive prompts.

# Exit if not run as root (UID 0)
if [ "$(id -u)" -ne 0 ]; then
    echo "ERROR: This script must be run as root."
    exit 1
fi

# Unload and remove all Rippling LaunchDaemons (system-wide services)
if [ -d /Library/LaunchDaemons ]; then
    for plist in /Library/LaunchDaemons/com.rippling.*.plist; do
        [ -e "$plist" ] || continue   # skip if no Rippling LaunchDaemons exist
        # Use launchctl bootout to stop the LaunchDaemon in the system domain
        launchctl bootout system "$plist" 2>/dev/null || echo "NOTE: $(basename "$plist") not running or already unloaded"
        # Remove the LaunchDaemon plist file
        rm -f "$plist"
        echo "Removed LaunchDaemon: $(basename "$plist")"
    done
fi

# Unload and remove all Rippling LaunchAgents in /Library (these run in user login sessions)
if [ -d /Library/LaunchAgents ]; then
    for plist in /Library/LaunchAgents/com.rippling.*.plist; do
        [ -e "$plist" ] || continue   # skip if no Rippling LaunchAgents exist
        # Unload the LaunchAgent from each logged-in user session (GUI login)
        for user in $(who | awk '{print $1}' | sort -u); do
            # Skip system accounts or root
            if [[ "$user" == "root" || "$user" == "_mbsetupuser" ]]; then
                continue
            fi
            userID=$(id -u "$user" 2>/dev/null)
            if [ -n "$userID" ]; then
                launchctl bootout gui/"$userID" "$plist" 2>/dev/null
            fi
        done
        # Remove the LaunchAgent plist file
        rm -f "$plist"
        echo "Removed LaunchAgent: $(basename "$plist")"
    done
fi

# Unload and remove any Rippling LaunchAgents in users' home directories (if installed per-user)
for userHome in /Users/*; do
    if [ -d "$userHome/Library/LaunchAgents" ]; then
        for plist in "$userHome/Library/LaunchAgents"/com.rippling.*.plist; do
            [ -e "$plist" ] || continue
            # Determine the user and unload the agent if the user is currently logged in
            userName=$(basename "$userHome")
            userID=$(id -u "$userName" 2>/dev/null)
            if [ -n "$userID" ]; then
                launchctl bootout gui/"$userID" "$plist" 2>/dev/null
            fi
            # Remove the per-user LaunchAgent file
            rm -f "$plist"
            echo "Removed user LaunchAgent: $plist"
        done
    fi
done

# Remove the main Rippling application, if present
if [ -d "/Applications/Rippling.app" ]; then
    rm -rf "/Applications/Rippling.app"
    echo "Removed /Applications/Rippling.app"
fi

# Remove Rippling directories (if they exist)
if [ -d /opt/rippling ]; then
    rm -rf /opt/rippling
    echo "Removed /opt/rippling"
fi
if [ -d /usr/local/rippling ]; then
    rm -rf /usr/local/rippling
    echo "Removed /usr/local/rippling"
fi

# Remove any Chef provisioning data that Rippling might have used
if [ -d /opt/chef ]; then
    rm -rf /opt/chef
    echo "Removed /opt/chef (Chef client)"
fi
if [ -d /private/var/chef ]; then
    rm -rf /private/var/chef
    echo "Removed /private/var/chef (Chef cookbooks)"
fi

# Remove Rippling support files under /Library, if any
if [ -d "/Library/Application Support/Rippling" ]; then
    rm -rf "/Library/Application Support/Rippling"
    echo "Removed /Library/Application Support/Rippling"
fi
# Remove any Rippling-related preferences
if ls /Library/Preferences/com.rippling.* &>/dev/null; then
    rm -f /Library/Preferences/com.rippling.*
    echo "Removed /Library/Preferences/com.rippling.* files"
fi

# Remove any configuration profiles associated with Rippling (com.rippling.* profiles)
if profiles -P 2>&1 | grep -q "com.rippling"; then
    # List all profile identifiers containing "com.rippling"
    for profile_id in $(profiles -P | grep "com.rippling" | sed -E 's/.*Identifier: *([^\)]*com.rippling[^,]+).*/\1/'); do
        echo "Removing profile: $profile_id"
        profiles -R -p "$profile_id" 2>/dev/null || echo "NOTE: Failed to remove profile $profile_id (may require manual removal)"
    done
fi

# Reset login window text to blank (clears any message set by Rippling)
defaults write /Library/Preferences/com.apple.loginwindow LoginwindowText "" 2>/dev/null

echo "Rippling removal complete. All Rippling components have been removed."

Step 2: Configure the Command to Run Every 30 Minutes

Set the command frequency to execute every 30 minutes, ensuring it regularly checks and removes any lingering Rippling files or profiles.

Step 3: Create a Device Group

  1. Create a dedicated device group or use an existing device group in Swif.

  2. Assign the previously created command to this device group.

  3. Add all devices from which Rippling should be removed into this group. The script will automatically execute on these devices according to the set schedule.

Verification and Troubleshooting

  • Regularly check Swif’s command execution status reports to verify successful command deployment.

  • Manually verify on macOS devices by ensuring Rippling and associated files and profiles no longer exist.

For further assistance or troubleshooting, please contact Swif Support.

Related Articles
Installing Custom Software via Swif
Did this answer your question?