


After much research across GitHub, Stack Overflow and Jamf Nation blogs, I was still unable to find a method to manage, verify and delete the EFI passwords on Mac devices. I am not a shell script expert, but I still tried creating an in-house script with logical functions and finally achieved the desired result. This is for all the admins out there who are seeking a seamless solution for EFI firmware password management.

Step 1 - Setting a Random EFI Password on Intel-based Mac

```bash
#!/bin/bash

# directory whose file names record the password (the path the extension attribute in Step 3 lists)
fpdirectory="/private/var/.fp"

# the logresult function is not included in the post; this minimal version prints
# the first message if the previous command succeeded, otherwise the second
logresult() {
	if [ $? -eq 0 ]; then echo "$1"; else echo "$2"; fi
}

# verify whether a firmware password is set
echo "Checking for existing firmware password"
checkFirmwarePassword=$( /usr/sbin/firmwarepasswd -check )

# if a firmware password is already set, stop the script and report failure in Jamf Pro
# (firmwarepasswd -check prints "Password Enabled: Yes" or "Password Enabled: No")
if [ "$checkFirmwarePassword" != "Password Enabled: No" ]; then
	echo "A firmware password is already set."
	exit 1
fi

/bin/mkdir -p "$fpdirectory"
logresult "Creating \"$fpdirectory\" directory" "Failed creating \"$fpdirectory\" directory"

# 6 random bytes, hex-encoded, give a 12-character passcode
randpassword=$( /usr/bin/openssl rand -hex 6 )
logresult "Generating 12-character firmware passcode: $randpassword" "Failed generating 12-character firmware passcode."

# write random password to temporary file
/usr/bin/touch "$fpdirectory/$randpassword"
logresult "Writing password to file \"$fpdirectory/$randpassword\"" "Failed writing password to file \"$fpdirectory/$randpassword\""

# update Jamf Pro computer record with firmware password and set only if inventory was updated
echo "Updating Jamf Pro inventory to upload firmware password"

# set the firmware password only after a successful inventory update to Jamf Pro
/usr/local/bin/jamf recon && /usr/local/bin/jamf setOFP -mode command -password "$randpassword"
```

Step 2 - Create a policy and include Restart Options with the "Restart Immediately" trigger, so that the changes take effect after a successful run of Set Random EFI Password.sh

Step 3 - Create an EA to display the EFI password applied

```bash
#!/bin/bash

# Jamf Pro reads an extension attribute value from between <result> tags
echo "<result>$( ls /private/var/.fp | sort -V )</result>"
```
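Because the Step 1 script records the password as a file name under /private/var/.fp, any account that can list that directory can read it, and a record can drift out of step with the firmware state. The audit below is an added example, not part of the original post; the function names `fp_dir_exposed` and `fp_audit` and the status strings are assumptions made for illustration.

```shell
#!/bin/bash
# Added example: audit the local firmware-password record used by the scripts above.

# Returns 0 if group or other hold any permission bit on the directory.
# Reads the mode column of `ls -ld`, which has the same layout on macOS and Linux.
fp_dir_exposed() {
	local mode
	mode=$( ls -ld "$1" 2>/dev/null | cut -c5-10 )
	[ -n "$mode" ] && [ "$mode" != "------" ]
}

# Prints one status line from the text of `firmwarepasswd -check` ($1)
# and the record directory ($2).
fp_audit() {
	local check="$1" dir="$2" count=0 status
	[ -d "$dir" ] && count=$( ls -A "$dir" | wc -l | tr -d ' ' )
	case "$check" in
		*"Password Enabled: Yes"*)
			if [ "$count" -eq 1 ]; then status="OK: password set, one record"
			elif [ "$count" -eq 0 ]; then status="WARN: password set, no record"
			else status="WARN: password set, $count records"; fi ;;
		*"Password Enabled: No"*)
			if [ "$count" -eq 0 ]; then status="OK: no password, no record"
			else status="WARN: no password, $count stale record(s)"; fi ;;
		*) status="ERROR: unrecognised firmwarepasswd output" ;;
	esac
	# The password is the file name, so listing rights on the directory disclose it.
	if fp_dir_exposed "$dir"; then
		status="$status; EXPOSED: $dir has group/other permissions"
	fi
	echo "$status"
}

# On a managed Intel Mac, run as root from an extension attribute.
if [ -x /usr/sbin/firmwarepasswd ]; then
	echo "<result>$( fp_audit "$( /usr/sbin/firmwarepasswd -check )" /private/var/.fp )</result>"
fi
```

A result containing `EXPOSED` is cleared by restricting the directory to its owner, for example with `chmod 700` run as root.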
