https://github.com/mpanighetti/add-securetoken-to-target-user
This script adds a SecureToken to the target local user to prepare the Mac for enabling FileVault.
filevault macos securetoken
Last synced: 8 months ago
- Host: GitHub
- URL: https://github.com/mpanighetti/add-securetoken-to-target-user
- Owner: mpanighetti
- License: mit
- Created: 2017-10-04T16:48:21.000Z (over 8 years ago)
- Default Branch: main
- Last Pushed: 2025-04-29T05:10:22.000Z (about 1 year ago)
- Last Synced: 2025-04-29T05:19:37.465Z (about 1 year ago)
- Topics: filevault, macos, securetoken
- Language: Shell
- Homepage:
- Size: 57.6 KB
- Stars: 24
- Watchers: 3
- Forks: 8
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Add SecureToken to Target User
This project includes workflows for adding SecureToken to a target local user. This workflow is required to authorize programmatically-created user accounts (that were not already explicitly given a SecureToken) to enable or use FileVault and unlock disk encryption on APFS-formatted startup volumes.
## Script
This script adds a SecureToken to the target local user to prepare the Mac for enabling FileVault. It prompts for the password of the SecureToken admin (whose username is taken from a Jamf Pro script parameter) and for the password of the target user.
## Extension Attribute
**SecureToken Status - Logged-In User** is a Jamf Pro extension attribute (see [Computer Extension Attributes](https://learn.jamf.com/en-US/bundle/jamf-pro-documentation-current/page/Computer_Extension_Attributes.html) in Jamf Pro Documentation). After uploading this extension attribute to Jamf Pro, you can target a policy running this repository's main script at a smart computer group of Macs where the logged-in user has a value of `DISABLED` for this script's output. Once a SecureToken has been added to the target user, this script should report `ENABLED` if everything ran as expected.
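The reporting logic described above, sketched as an added example (this is not the repository's extension attribute). It assumes `sysadminctl -secureTokenStatus` prints a line containing "Secure token is ENABLED" or "Secure token is DISABLED" on stderr; the `SYSADMINCTL` override variable and the `UNKNOWN` and `NO USER` values are hypothetical names introduced here.

```shell
#!/bin/bash
# Added example: Jamf Pro extension attribute sketch, not the project's script.

# Map raw `sysadminctl -secureTokenStatus` output to a single value.
# Assumption: the status line contains "Secure token is ENABLED|DISABLED".
parse_securetoken_status() {
  case "$1" in
    *"Secure token is ENABLED"*)  echo "ENABLED" ;;
    *"Secure token is DISABLED"*) echo "DISABLED" ;;
    *)                            echo "UNKNOWN" ;;  # hypothetical fallback value
  esac
}

# Emit the <result> tag Jamf Pro reads for an extension attribute.
securetoken_result_for_user() {
  st_user="$1"
  case "$st_user" in
    # Nobody is at the console (login window, setup assistant), so there
    # is no account to evaluate; report that instead of a false DISABLED.
    ""|root|loginwindow|_mbsetupuser)
      echo "<result>NO USER</result>"   # hypothetical value
      return 0 ;;
  esac
  # The status goes to stderr, so merge it into stdout before parsing.
  # SYSADMINCTL is a hypothetical override so the function can be tested
  # off a Mac; by default the real binary is used.
  st_raw=$("${SYSADMINCTL:-/usr/sbin/sysadminctl}" -secureTokenStatus "$st_user" 2>&1) || true
  echo "<result>$(parse_securetoken_status "$st_raw")</result>"
}

# On a Mac, report on the account that owns the console session.
if [ -x /usr/sbin/sysadminctl ]; then
  securetoken_result_for_user "$(/usr/bin/stat -f%Su /dev/console)"
fi
```

A smart computer group keyed on `DISABLED` then scopes the policy only to Macs where a real user is logged in and lacks a SecureToken; any other value points to a Mac that needs a look before the policy is run against it.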
## Credits
- `sysadminctl` SecureToken syntax discovered and formalized in [MacAdmins Slack](https://macadmins.slack.com) #filevault.
## License
This project is offered under an MIT License.