Here is the updated version of the article, "Create and Run a Command in Swif", reflecting the latest tooltips and features based on the images you provided:
Create and Run a Command in Swif
Swif's Command feature allows administrators to automate and manage tasks across devices in your organization, regardless of whether they are running macOS, Windows, or Linux. With this feature, you can execute commands that streamline processes like system configuration, application management, or any custom task automation. Additionally, Swif provides flexibility to run commands manually or on a scheduled basis.
Command Features Per Operating System
Swif supports a variety of command executions for macOS, Windows, and Linux. Below is a comparison of the command features available across different operating systems:
OS | macOS | Windows | Linux |
Run as Swif Admin | ✓ |
| ✓ |
Run as Local User | ✓DEFAULT | ✓ | ✓DEFAULT |
Run as System User |
| ✓DEFAULT |
|
Scheduled Job | ✓ | ✓ | ✓ |
Run as Swif Admin: Execute commands with administrative privileges (macOS, Linux). Make sure Swif admin account is not disabled.
Run as Local User: Run commands as the default local user (macOS, Windows, Linux).
Run as System User: Execute commands as the system user (Windows).
Scheduled Jobs: Run commands at specific times (or intervals) based on a defined schedule.
How to Create and Run a Command
Step 1: Log into the Swif Console
Start by logging into the Swif Console and navigating to Device Management. Select Commands to proceed.
Step 2: Create a New Command
Click on the Create New Command button to open the command configuration page.
Step 3: Add Basic Information
Fill in the following fields for your command:
Command Name: Give your command a clear, descriptive name (e.g., "Install Updates").
Description: Add an optional description to help identify the purpose of the command (e.g., "This command installs the latest security updates").
OS Type: Choose the operating system(s) for the command (macOS, Windows, or Linux).
Command Script: Enter the script you wish to run on the target devices. This script will vary depending on the selected OS:
For macOS and Linux, use bash or sh scripts (e.g.,
#!/bin/bash).To run as sudo, you can use `echo '{PASSWORD}' | sudo -S ls` where the PASSWORD is the local user password.
For Windows, use PowerShell or Batch scripts (e.g.,
#!/usr/bin/env pwshfor PowerShell). By default, it runs as a SYSTEM user.
Step 4: Schedule the Command
Run Schedule: Choose how the command will be executed:
Run Manually: The command will only run when manually triggered.
Run as Scheduled: The command will run at a specified time using the UNIX crontab format (
minute hour day-of-month month day-of-week). For more details on how to schedule commands, refer to the link on scheduling commands.
Command Status: Choose Enabled for the command to be active upon creation and trigger at the scheduled run time. If disabled, the command will not run unless manually enabled.
Tooltip: "Enabled: Command will be active upon creation and trigger at the scheduled run time. Disabled: Command will be inactive and won't trigger at the scheduled time until enabled."
Step 5: Set Timeout and Run with Admin Privileges (Optional)
Timeout After: Optionally set a timeout (in seconds) for the command to automatically stop if it exceeds a certain duration.
Run on Swif Admin Account: If you wish the command to execute with Swif Admin privileges (instead of a local user), check this box. This is particularly useful for running administrative tasks that require elevated permissions.
Step 6: Save the Command
Once you’ve filled out the necessary fields and configured the schedule, click Continue to deploy to devices or groups.
Running on the Swif Admin Account
When running on the Swif Admin Account, with the latest update, Swif now supports the use of dynamic placeholders in command scripts, enhancing security and ease of use. One of the key features introduced is the {{SWIF_ADMIN_PASSWORD}} placeholder. This allows scripts to dynamically use the generated Swif admin password at runtime, eliminating the need to hardcode sensitive credentials.
How to Use {{SWIF_ADMIN_PASSWORD}}
When writing command scripts in the Swif command editor, you can now include {{SWIF_ADMIN_PASSWORD}} to insert the Swif admin password automatically. This is particularly useful for commands that require admin privileges. Here are some example commands:
sysadminctl -adminUser {{SWIF_ADMIN_USER}} -adminPassword '{{SWIF_ADMIN_PASSWORD}}' -secureTokenOn YOUR_USER -password 'YOUR_USER_PASSWORD'sysadminctl -adminUser {{SWIF_ADMIN_USER}} -adminPassword '{{SWIF_ADMIN_PASSWORD}}' -secureTokenOff YOUR_USER -password 'YOUR_USER_PASSWORD'This feature streamlines workflows by securely managing admin credentials and reducing manual input errors. For more detailed instructions on running commands as sudo on macOS with Swif, please take a look at this guide. To more details on running as SYSTEM user, you can refer to this guide.
How to Use {{SWIF_ADMIN_USER}} on Windows
Note, for security reasons, Windows usually prompts for the password interactively when you try to run as another user. This is a built-in security mechanism to avoid exposing credentials directly in scripts or command-line parameters.
Unlike macOS or Linux, where you can often pass credentials programmatically (e.g. sudo with automation), Windows requires the user to enter the password manually when using commands like runas.
There are workarounds using PowerShell’s Start-Process -Credential, or third-party tools like PsExec, but natively runas itself doesn’t accept a password directly for security reasons.
Run Commands as Local User on Windows Devices
Swif now supports running scripts as the logged-in local user on Windows devices.
How to Enable:
When creating or editing a command for Windows, you can now select:
Run As: Choose between
System(default, runs as the Windows SYSTEM user)Local User(executes in the context of the currently logged-in user)
✅ This is useful for scenarios where user-specific permissions, UI interactions, or profile paths (e.g., %USERPROFILE%) are required.
Notes:
If no user is logged in when the command runs, it will not execute.
Works on Windows 10 and above.
This enhancement provides more flexibility in managing tasks like app installs, registry edits, or scripts that require user context.
To more details on running as SYSTEM user, you refer to this guide.
Viewing Command Reports
After executing a command, you can view the Command Report to review its output:
Go to Device Management and select Commands.
Click on View Command Report to see details about its execution, including any errors or success messages.
Troubleshooting Command Execution Issues
If you encounter any issues while running commands, refer to the following resources:
Troubleshooting Command Queueing Behavior and Status in Swif: Understand how a command is queued and processed.
Troubleshooting Windows Command Execution: If your Windows commands aren’t running as expected, consult this troubleshooting guide.
General Command Errors: Review the Command Report to check for any potential issues with the script or execution environment.
Conclusion
Swif’s Command feature provides a powerful tool for automating tasks across different operating systems. Whether running commands on macOS, Windows, or Linux, you have complete control over the execution schedule and user permissions. By leveraging this feature, you can simplify and automate device management in your organization.
For more information on scheduling commands or troubleshooting issues, refer to the links provided in this article or explore the Swif documentation for additional resources.