I’m currently in the phase of a migration from Centrify to Casper, and to be honest there’s not an elegant way to completely remove one and move to the other, so myself and Lewis Lebentz broke out the shell script and dusted of Terminal and have come up with a script that will inevitably help others who are chasing the same goal:

#!/bin/sh

#Echo on
set -x

#Add localadmin user
sysadminctl -addUser localadmin -fullName "YOURLOCALADMINISTRATORACCOUNT" -UID 499 -password "YOURLOCALADMINPASSWORD" -home /Users/"LOCALADMINHOMEFOLDER"/ -admin

#Change directory and download QuickAdd
cd /Users/Shared && curl -L -o QuickAdd.pkg "URLOFUPLOADEDQUICKADDPACKAGEHERE"

#Install QuickAdd
installer -pkg QuickAdd.pkg -target /

#Remove QuickAdd installer
rm QuickAdd.pkg

#Sleep
sleep 15

#Leave AD
adleave -r --user "AD Service Account" --password "AD Service Account Password"

#Uninstall Centrify
/bin/sh /usr/local/share/centrifydc/bin/uninstall.sh -n

#Optional - Reset Computer Name
#Prompt User for a new Hostname
hostname=$(/usr/bin/osascript <<-'__EOF__'
tell application "System Events"
  activate
  set input to display dialog "Enter New Computer Name: " default answer "" buttons {"OK"} default button 1
  return text returned of input as string
end tell
__EOF__
)

#Set hostname to value entered above
scutil --set ComputerName "$hostname"
scutil --set LocalHostName "$hostname"
scutil --set HostName "$hostname"

#Sleep
sleep 5

#Bind to Active Directory
jamf policy -event "YOURDOMAINBINDTRIGGER"

#Fix user permissions
for USER_HOME in /Users/*
do
  USER_UID=`basename "${USER_HOME}"`
  chown -R "${USER_UID}":"DOMAIN\Domain Users" "${USER_HOME}"
done

#Sleep
sleep 5

#OPTIONAL - Convert Mobile Account to Local Account
#jamf policy -event MobileLocal

#Update inventory
jamf recon

We have some extra modifications that allow the user to enter an Asset Tag and a New Computer Name before joining Casper as we’ve chosen to rename our machines to allow for better Smart Computer Groups in Casper.

Then you have to migrate the User account on the mac to be owned by domain users effectively, take a look at the following JAMF Nation article, where I’ve outlined what needs to be done. (Thanks go to @stevewood for confirming!)

Modify the script to your need and see you on the Casper side!

Shout out to Lewis Lebentz for compiling this.