Skip to main content

Hello everybody,



I managed to get my 2018 and 2019 13" MacBook Pro into a state that even xartutil -erase-all will not allow me to add more fingerprints.



Since imaging is no viable deployment method anymore I started experimenting with the -eraseinstall option to do an in-place wipe and reinstall of macOS 10.14. My DEP prestage profile includes registering a fingerprint to make certain the Touch ID is working and we also turn FileVault on via profile to escrow the key into JSS.



This worked great for 15 times and when I tried the 16th time I did no longer get the Touch ID prompt during Apple Assistant Setup. Trying to add a fingerprint via System Preferences shows the well known message that no more fingerprints can be added.



I thought "not a big deal, just run xartutil -erase-all and it will start working again". True for my 2016 and 2017 MacBook Pro (it's actually part of my imaging script) but not for the 2018 and 2019 with T2 chip. It is well known by now that -erase-all will also erase the encryption key and renders the SSD unusable (password is no longer being accepted) even if FileVault is turned off. But I could not find any hints about erase-all not fixing the Touch ID issue anymore.



I will let the Apple Geniuses deal with those two MacBook Pro but I was wondering if any of you is using the -eraseinstall on 2018/2019 MacBook Pro with FV enabled and fingerprints registered and experienced any issues after more that 15 reinstalls.



Thanks,
Dirk

@dmatth01 We have observed the same on 2018 MBPro hardware. Little to no response from Apple around this, other than "well, it should work".

well.. I didn't know it was only 15 thanks.. I test the same way you do and I had a brand new Air start KP after every clean install.. thinking back now it was about after 15 installs when it started.... I took it to my local store and they had to replace everything.. MLB/TouchBar/the finger scanner button... I thought it was strange that they had to replace all that stuff for a simple KP...



C

Just managed to break my 2018 15" MBP also, that makes it 3 for the Geniuses tomorrow...

I wonder if the fingerprints stored on the T2 chip and that is why an erase and install does nothing.

I just "fixed" the 2018 13" and 15" MBP by installing the latest Catalina Beta, apparently that includes some command or update that resets the Secure Enclave and allows storing more fingerprints. The 2019 13" MBP seems to be more broken since it reboots on its own a few seconds after opening System Preferences (just after the Touch ID icon appeared), I will leave that for the Geniuses. Now it will be interesting what happens after I eraseinstall 10.14 more than 15 times...

@dmatth01



My Air was doing the same as 2019 13 MBP before I took it in. Good to know that Catalina beta fixes some fo the issue and that Apple knows it's an issue.



Thanks



C

Reply


Terms & ConditionsCookie settings