Closed Freda72 closed 4 years ago
Here's the section of the script you'd want to modify for that:
Just comment out the while
loop lines, then set secureTokenAdminPass
to a new Jamf Pro parameter ($6
and later are not taken). A few things to note, however:
This modification will remove the password validation step, which means the script may fail for unknown reasons if the password is entered incorrectly. To restore this behavior, add the following line after your SecureToken admin password definition but before the script attempts to grant SecureToken:
local_account_password_validation "$secureTokenAdmin" "$targetUserPass"
Hope that helps!
Hi. When I run the script from Jamf I get tis error Script result: ✅ Verified ***** has SecureToken. &&&&&&&& missing SecureToken, prompting for credentials... 35:43: execution error: An error of type -10810 has occurred. (-10810) ❌ ERROR: A password was not entered for &&&&&&&&, unable to proceed. Please rerun policy; if issue persists, a manual SecureToken add will be required to continue.
I dont get the option to enter a password. I have not yet inserted the validation string
But if I run it Terminal on a computer where I dont have a Secure Token it works perfecly with modification to Jamf Pro parameters but then I have admin password in clear text.
Du you have any idea what is going wrong?
Can you share the changes you made to the script?
secureTokenAdmin="Admin" secureTokenAdminPass="AdminPassword" #added this at line 26
147 # Add SecureToken to $loggedInUser. 148 while [[ $(/usr/sbin/sysadminctl -secureTokenStatus "$loggedInUser" 2>&1) =~ "DISABLED" ]]; do 149 150 # Get $secureTokenAdmin password. 151 /bin/echo "$loggedInUser missing SecureToken, prompting for credentials..." 152 #while [[ $(/usr/bin/dscl "/Local/Default" authonly "$secureTokenAdmin" "$targetUserPass" > "/dev/null" 2>&1; /bin/echo $?) -ne 0 ]]; do 153 #local_account_password_prompt "$secureTokenAdmin" ". User's credentials are needed to grant a SecureToken to $loggedInUser." 154 #local_account_password_validation "$secureTokenAdmin" "$targetUserPass" 155 #done 156 #secureTokenAdminPass="$targetUserPass"
So the only change I have made is added line 26 and marked out 150-156 Since it works when Iam running it locally Iam thinking that it might be an issue when running a script from Jamf Pro, but that seems wierd..
One possibility is that your SecureToken admin password contains special characters that are breaking out of the string when run via Jamf Pro. Try changing it to a simpler password and seeing if it successfully runs in the policy, that'd be a good test at least.
Hi there.
What needs to be changed if a want admin password to be included as a parameter? I have tried to figure it out but soon realized that Iam no good at coding..
Regards Freda