97 lines
3.1 KiB
Bash
97 lines
3.1 KiB
Bash
#!/bin/bash
|
|
##########################################################################
|
|
# Script : Change FW-PW
|
|
# Autor : Andreas Vogel
|
|
# Copyright : NEXT Enterprise gmbh, 2021
|
|
##########################################################################
|
|
unset setpassword_fv
|
|
unset rotatepassword_fv
|
|
unset adduser_fv
|
|
|
|
############################################# Jamf Hepler Messanger #############################################################
|
|
|
|
jamfHelper="/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper"
|
|
jamf="/usr/local/bin/jamf"
|
|
|
|
ErrorIcon=""
|
|
Error="An unexpected error has occurred. The encryption does not work properly. Please contact Mac support."
|
|
MessageIcon="/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/ToolbarCustomizeIcon.icns"
|
|
Message="The Filevault setting must be updated. Please enter your current Windows password in the next window."
|
|
|
|
|
|
############################################# Variablen #########################################################################
|
|
Status=$(fdesetup status | cut -d ' ' -f 3)
|
|
echo $Status
|
|
user=$(stat -f '%u %Su' /dev/console | cut -d ' ' -f 2)
|
|
|
|
adminName="ladmin"
|
|
adminPass=""
|
|
|
|
############################################# Funktion #########################################################################
|
|
|
|
enable_fv () {
|
|
expect <<EOF
|
|
spawn fdesetup enable
|
|
expect "Enter the user name:"
|
|
send "$adminName\r"
|
|
expect "Enter the password for user $user:"
|
|
send "$adminPass\r"
|
|
expect EOF
|
|
EOF
|
|
}
|
|
|
|
|
|
rotatepassword_fv () {
|
|
expect <<EOF
|
|
spawn fdesetup changerecovery -personal
|
|
expect "Enter the user name:"
|
|
send "$adminName\r"
|
|
expect "Enter the password for user $user:"
|
|
send "$adminPass\r"
|
|
expect EOF
|
|
EOF
|
|
}
|
|
|
|
adduser_fv () {
|
|
expect <<EOF
|
|
spawn fdesetup add -usertoadd $user
|
|
expect "Enter the primary user name:"
|
|
send $adminName\r
|
|
expect "Enter the password for the user $adminName:"
|
|
send $adminPass\r
|
|
expect "Enter the password for the added user $user:"
|
|
send $APASS\r
|
|
expect
|
|
EOF
|
|
}
|
|
|
|
############################################# Ausführung #############################################################################
|
|
|
|
if [[ $Status == "Off." ]]
|
|
then
|
|
HELPER=$("$jamfHelper" -windowType utility -icon "$MessageIcon" -title "Error" -description "$Message" -button1 "OK" -defaultButton 1)
|
|
echo "Exit Code: FileVault is disabled and will now be enabled."
|
|
|
|
APASS=$(osascript -e 'text returned of (display dialog "Please enter your current Windows password" with hidden answer default answer "" buttons {"OK"} default button 1)')
|
|
if enable_fv
|
|
then
|
|
sleep 30
|
|
|
|
if adduser_fv
|
|
then
|
|
jamf recon
|
|
else
|
|
printf HELPER=$("$jamfHelper" -windowType utility -icon "$ErrorIcon" -title "Error" -description "$Error" -button1 "OK" -defaultButton 1)
|
|
echo "Exit Code: FileVault 2 wurde aktiviert. User konnte nicht hinzugefügt werden."
|
|
fi
|
|
|
|
else
|
|
printf HELPER=$("$jamfHelper" -windowType utility -icon "$ErrorIcon" -title "Error" -description "$Error" -button1 "OK" -defaultButton 1)
|
|
echo "Exit Code: FileVault 2 konnte nicht aktiviert werden."
|
|
fi
|
|
else
|
|
|
|
rotatepassword_fv
|
|
jamf recon
|
|
echo "FileVault is active. The key is changed"
|
|
fi |