How do we configure a computer smart group to show which computers have Touch ID configured/enrolled for locking/unlock? I’ve tried ChatGPT, Gemini, and Claude to help configure a computer extension to no avail.
Page 1 / 1
Probably not going to be easy, and may not be possible.
You would need to find the file where the fingerprint is saved, and check to see if there is one there. But you will not know if it is in use. The problem you will face is that by its very nature, Apple will make finding it and working out anything from it very difficult.
I would suggest having a clean install, and putting Composer on it, then with no Fingerprint saved, run the deepest scan you can. Then once it has done the snapshot. Set a fingerprint, and then run the completion scan in Composer.
You are not doing this to capture the fingerprint info. What you are doing is using composer to hunt for changed system files. That will give you target locations to inspect and see what you can build into an Extension Attribute.
My thoughts are you will only end up with maybe general results.
Is a fingerprint saved? Possibly.
Is it in use? Unclear
/Library/Preferences/com.apple.biometricid.plist
Will probably be the best place to start looking, but you will have to get an unused version, first, and then change the settings and compare the changes in the plist. There might be something in there that you can check for.
Going to take a lot of testing to find it.
I looked in to this a few weeks ago, I dont think its possible. The TouchID registration is stored in the security enclave, and there is no way to interact with that from CLI.
thread posted previously?
Doesn’t work correctly :( Need to spend more time tweaking it.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.