Alte_Skripte/rotate_recovery_key_by_User.sh

#!/bin/bash
##########################################################################
# Script : Rotate Recovery Key by User
# Autor : Andreas Vogel
# Copyright : nextenterprise gmbh, 2021
##########################################################################
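# Clear any inherited definition of the two helper names before they are
# defined below. Plain `unset NAME` removes a variable of that name if one
# exists, otherwise a function.
unset setpassword_fv
unset rotatepassword_fv
############################################# Variables #########################################################################
# Third word of `fdesetup status` output.
# NOTE(review): not referenced in the visible part of the script.
Status=$(fdesetup status | cut -d ' ' -f 3)
# Owner of /dev/console, i.e. the user at the login session. Same value the
# former `stat -f '%u %Su' ... | cut -f 2` pipeline produced, without the
# extra process.
# NOTE(review): presumably "root" when nobody is logged in; verify before
# relying on it.
user=$(stat -f '%Su' /dev/console)
# The path is quoted so a user name containing whitespace or glob characters
# cannot be split into several dscl arguments.
# NOTE(review): UUID is not referenced in the visible part of the script.
UUID=$(dscl . -read "/Users/$user" GeneratedUID | awk '{print $2}')
# Absolute paths to the Jamf binaries and to the icons shown in the dialogs.
jamfHelper="/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper"
jamf="/usr/local/bin/jamf"
BRANDING="/Users/$user/Library/Application Support/com.jamfsoftware.selfservice.mac/Documents/Images/brandingimage.png"
SuccessfulIcon="/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/AlertNoteIcon.icns"
ErrorIcon="/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/AlertStopIcon.icns"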
############################################# Funktion #############################################################################
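#######################################
# Answer the interactive prompts of `fdesetup enable` with the console user's
# name and password.
# Globals:   user (read), APASS (read)
# Returns:   fdesetup's exit status; 1 if it does not finish within expect's
#            timeout.
#
# The heredoc is quoted and the credentials reach expect through the
# environment. Interpolating them into the script text let a password
# containing `"`, `[`, `$` or `\` be parsed as Tcl, including command
# substitution, in a script that presumably runs as root.
# NOTE(review): expect copies everything fdesetup prints to stdout; if that
# includes a recovery key it ends up wherever this script's output is
# captured. Confirm, and consider `log_user 0`.
#######################################
setpassword_fv () {
FV_USER="$user" FV_PASS="$APASS" expect <<'EOF'
set fv_user $env(FV_USER)
set fv_pass $env(FV_PASS)
# Keep the password out of the environment the spawned fdesetup inherits.
unset env(FV_PASS)
spawn fdesetup enable
expect "Enter the user name:"
send -- "$fv_user\r"
expect "Enter the password for user '$fv_user':"
send -- "$fv_pass\r"
# The keyword is lowercase `eof`; `EOF` would be a literal text pattern.
expect {
  eof     {}
  timeout { exit 1 }
}
# Hand fdesetup's exit status back to the shell.
exit [lindex [wait] 3]
EOF
}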
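#######################################
# Answer the interactive prompts of `fdesetup changerecovery -personal` with
# the console user's name and password.
# Globals:   user (read), APASS (read)
# Returns:   fdesetup's exit status; 1 if it does not finish within expect's
#            timeout.
#
# The heredoc is quoted and the credentials reach expect through the
# environment. Interpolating them into the script text let a password
# containing `"`, `[`, `$` or `\` be parsed as Tcl, including command
# substitution, in a script that presumably runs as root.
# NOTE(review): expect copies everything fdesetup prints to stdout; if that
# includes the new personal recovery key it ends up wherever this script's
# output is captured. Confirm, and consider `log_user 0`.
#######################################
rotatepassword_fv () {
FV_USER="$user" FV_PASS="$APASS" expect <<'EOF'
set fv_user $env(FV_USER)
set fv_pass $env(FV_PASS)
# Keep the password out of the environment the spawned fdesetup inherits.
unset env(FV_PASS)
spawn fdesetup changerecovery -personal
expect "Enter the user name:"
send -- "$fv_user\r"
expect "Enter the password for user '$fv_user':"
send -- "$fv_pass\r"
# The keyword is lowercase `eof`; `EOF` would be a literal text pattern.
expect {
  eof     {}
  timeout { exit 1 }
}
# Hand fdesetup's exit status back to the shell.
exit [lindex [wait] 3]
EOF
}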
############################################# Messages ###############################################################################
# Dialog texts. They are single-quoted because none of them needs expansion.
# Message spans two lines and ends with a space.
SuccessfulChange='Thanks for your help. A new recovery key has been created and transferred to the management system.'
FailedChange='Something has gone wrong. A new recovery key could not be created. Please contact the IT support.'
Message='The recovery key must be updated.
Please enter your MacBook password so that a new recovery key can be created for the MacBook. The recovery key will then be saved in the management system. '
############################################# Ausführung #############################################################################
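# Tell the user why a password prompt follows. HELPER receives whatever
# jamfHelper prints and is not read afterwards.
HELPER=$("$jamfHelper" -windowType utility -icon "$BRANDING" -title "new recovery key" -description "$Message" -button1 "OK" -defaultButton 1)
# Ask for the login password in a hidden-answer dialog.
APASS=$(osascript -e 'text returned of (display dialog "Enter the login password" with hidden answer default answer "" buttons {"OK"} default button 1)')

# Verify the password first, then rotate the key, and report success only if
# both steps succeed.
# - An empty answer is rejected up front instead of being passed to dscl.
# - "$user" and "$APASS" are quoted: unquoted, a password with spaces or glob
#   characters was split into several arguments or expanded against the
#   working directory.
# NOTE(review): dscl still receives the password as a command-line argument,
# which is readable in the process list while the call runs. Consider a
# verification path that does not put the password on argv.
rotate_status=1
if [[ -n "$APASS" ]] && dscl /Local/Default -authonly "$user" "$APASS" && rotatepassword_fv
then
rotate_status=0
fi
# Do not keep the password in the shell longer than needed.
unset APASS

if (( rotate_status == 0 ))
then
# Was `printf HELPER=$(...)`, which used jamfHelper's output as a printf
# format string and printed it instead of assigning it.
HELPER=$("$jamfHelper" -windowType utility -icon "$SuccessfulIcon" -title "Successful" -description "$SuccessfulChange" -button1 "OK" -defaultButton 1)
echo "Exit Code: Rotate Recovery Key Successful."
# Use the absolute path configured in $jamf rather than a PATH lookup.
"$jamf" recon
else
HELPER=$("$jamfHelper" -windowType utility -icon "$ErrorIcon" -title "Error" -description "$FailedChange" -button1 "OK" -defaultButton 1)
echo "Exit Code: ERROR"
fi
# Surface a failed rotation to the caller instead of always exiting 0.
exit "$rotate_status"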