Escrow Bootstrap Token (macOS)


Description

This fixlet creates or updates the Bootstrap Token APFS record and escrows the information to the device's MDM server.

The provided credentials MUST be for an account with a secure token. If the account does not have a secure token, the fixlet exits with exit code 30.


Property Details

ID: 27380
Status: Production - Fully Tested and Ready for Production
Title: Escrow Bootstrap Token (macOS)
Domain: BESC
Source: Internal
Source Release Date: 4/17/2025 12:00:00 AM
Keywords: macOS, bootstrap, token, mac, escrow
Is Task: True
Added by on 8/27/2025 11:03:51 AM
Last Modified by on 8/27/2025 11:03:51 AM

Relevance

Used in 228 fixlets and 100 analyses. Results in a true/false.
mac of operating system

Actions

Action 1 (default)

Script Type: BigFix Action Script
parameter "mainSWDLogFolder" = "{parent folder of client folder of current site}/__Global/SWDDeployData"
folder create "{parameter "mainSWDLogFolder"}"
parameter "logFile" = "SWD_DeploymentResults.log"

parameter "scriptName" = "tenHut.sh"

wait sh -c "echo '' >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'"
wait sh -c "echo $(date +%Y_%m_%d' '%T) >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'"
wait sh -c "echo Action ID: {id of active action} >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'"

delete __createfile
delete "__Download/{parameter "scriptName"}"
createfile until _end_
#!/bin/zsh
# Pre-check: confirm the supplied account holds a secure token before escrowing.
adminUser="{parameter "username" of action}"
# Capture stderr as well as stdout; the status text is matched from the combined output.
precheck=$(sysadminctl -secureTokenStatus "$adminUser" 2>&1)
if [[ "$precheck" == *"ENABLED"* ]]; then
    echo "Provided user $adminUser has a secure token. Continuing..." >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'
    exit 0
elif [[ "$precheck" == *"DISABLED"* ]]; then
    # Exit 30: the account exists but has no secure token.
    echo "Provided user $adminUser does not have a secure token" >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'
    exit 30
else
    # Exit 31: the status could not be determined.
    echo "Error checking $adminUser secure token status" >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'
    exit 31
fi
_end_
copy "__createfile" "__Download/{parameter "scriptName"}"
wait chmod +x "__Download/{parameter "scriptName"}"
wait /bin/zsh "__Download/{parameter "scriptName"}"
parameter "error" = "{exit code of action}"
delete __createfile
delete "__Download/{parameter "scriptName"}"

if {parameter "error" is "0"}
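// The username and password are interpolated into the command line inside single quotes:
// a single quote in either value breaks the quoting, and the password is visible in the process list while profiles runs.
wait bash -c "profiles install -type bootstraptoken -user '{parameter "username" of action}' -password '{parameter "password" of action}' >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'"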
parameter "error2" = "{exit code of action}"
wait sh -c "echo Return Code: {parameter "error2"} >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'"
endif

if {parameter "error" != "0"}
wait sh -c "echo Return Code: {parameter "error"} >> '{parameter "mainSWDLogFolder"}/{parameter "logFile"}'"
exit {parameter "error"}
endif

exit {parameter "error2"}
Success Criteria

This action will be considered successful when all lines of the action script have completed successfully.
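
A post-action check that confirms the token actually reached the MDM server, as an added example that is not part of the original fixlet: it classifies the text printed by `profiles status -type bootstraptoken`. The sample outputs are constructed, and the function names, state names and return codes are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the fixlet): classify the text printed by
#   profiles status -type bootstraptoken
# State names and return codes are assumptions made for this example.

# Constructed sample outputs, so the parser can be exercised offline.
SAMPLE_ESCROWED='profiles: Bootstrap Token supported on server: YES
profiles: Bootstrap Token escrowed to server: YES'
SAMPLE_PENDING='profiles: Bootstrap Token supported on server: YES
profiles: Bootstrap Token escrowed to server: NO'
SAMPLE_UNSUPPORTED='profiles: Bootstrap Token supported on server: NO
profiles: Bootstrap Token escrowed to server: NO'

# Reads status text on stdin and prints one of:
#   escrowed | not_escrowed | unsupported | unknown
bootstrap_token_state() {
    supported="" escrowed=""
    # "|| [ -n "$line" ]" keeps a final line that lacks a trailing newline.
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            *"supported on server: YES"*) supported=yes ;;
            *"supported on server: NO"*)  supported=no ;;
            *"escrowed to server: YES"*)  escrowed=yes ;;
            *"escrowed to server: NO"*)   escrowed=no ;;
        esac
    done
    if [ "$supported" = no ]; then
        echo unsupported
    elif [ "$escrowed" = yes ]; then
        echo escrowed
    elif [ "$escrowed" = no ]; then
        echo not_escrowed
    else
        # Anything unrecognised is reported, never treated as success.
        echo unknown
    fi
}

# Runs the real command on a Mac; returns 0 only when the token is escrowed,
# 2 when the profiles tool is not present (not a Mac).
verify_escrow() {
    command -v profiles >/dev/null 2>&1 || return 2
    state=$(profiles status -type bootstraptoken 2>&1 | bootstrap_token_state)
    echo "Bootstrap token state: $state"
    [ "$state" = escrowed ]
}
```

Calling `verify_escrow` as root after the action completes gives a result that does not depend on the action script's own return code.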

