Resetting authchanger after Mac Os upgrade

Question

Hello all,

New to Jamf Pro here and I am currently setting up a Big Sur upgrade.
I am currently trying to come up with the best way to re enable the login window for Jamf Connect after the upgrade as mentioned here. https://docs.jamf.com/jamf-connect/2.1.2/administrator-guide/Re-enabling_the_Login_Window_after_a_Major_macOS_Upgrade.html

I am using the script found here in self service to install the OS upgrade.
https://github.com/kc9wwh/macOSUpgrade/blob/master/macOSUpgrade.sh

I have a script created and login hooks set up. I am currently trying to scope it to computers that have just installed macOS Big Sur.

My question is this:

What criteria should I be using to scope it to computers that have just installed mac OS, rather than all computers on Big Sur.
Is there a better way to ensure the authchanger reset is run post upgrading ?

Any guidance on this is appreciated! Thanks.

PerryK · Answer

How did you go ?I've not tried it, however I'm going to give this a shot once back in the office and pushing some machines to Big Sur:  https://github.com/kennyb-222/NoMADLoAD_AppleStagedUpdates/For a low tech version, you could create a policy targeted toward Big Sur devices, set to run once per computer, and use file/process setting to run authchanger -reset -AD.Alternatively, a different approach might be to run a script which calls the API to set an EA before you call the macOSUpgrade script. Then have a policy run for any system which has that EA set which runs authchanger and clears the EA.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded