Help

Filevault Recovery Partition script

macuser2
New Contributor

Posted on ‎11-09-2017 08:26 AM

I have been tasked to discover which of our mac estate has a recovery partition remotely.

I would like to send a terminal command in order to obtain the Machost name and run diskutil list in order to check if one is in place.

Can anyone assist with simple script that will output the above variables to into an xls/txt file that I can push out in order to obtain this information - any help would be much appreciated.

Kindest regards

0 Kudos
3 REPLIES 3

steve_summers
Contributor III

Posted on ‎11-09-2017 11:18 AM

@macuser2 , here is an Extension Attribute we use to discern if a Mac has a recovery partition present. Hopefully this is what you're looking for? If you're looking for a spreadsheet, there is a smart group key you can use as well, "Recovery HD Present" with is or is not as flags. If you use a smart group, you can export it into a CSV file. Hope that helps you. 

#!/bin/sh

recoveryHDPresent=`/usr/sbin/diskutil list | grep "Recovery HD" | grep disk0`

if [ "$recoveryHDPresent" != "" ]; then
    echo "<result>Present</result>"
else
    echo "<result>Not Present</result>"
fi

macuser2
New Contributor

Posted on ‎11-14-2017 12:49 AM

Thanks Steve for assisting, yes I essentially I just need to confirm just the hostname of the device and also if the Mac Laptop has a RP.
I have found another script :

!/bin/bash

if [ "$(diskutil list | awk '/Recovery HD/')" ]; then
echo "<result>TRUE</result>"
else
echo "<result>FALSE</result>"
fi

which also offers a similar True/flase flag. Without being too needy - can you confirm in your opinion the best way to use a smart group - IE output the script into a spreadsheet so that I end up with a list of asset tags and a RP flag present/not present next to it as I am unsure how to do this.

0 Kudos

steve_summers
Contributor III

Posted on ‎11-15-2017 12:40 PM

@macuser2 , so that code snippet would work, for sure. And there certainly is more than one way to do things. If I were in your shoes, and woke up needing to do what you mentioned, I would do one of two things:
1) use the code snippet you have there as an extension attribute, including it on the "Inventory Display" then after it has a bit to collect data (it'll take a few hours for Macs to report), export the whole inventory report to a CSV. Then, you can filter out True and False. You can target a script to the False machines by using a static computer group. OR...
2) Create a smart group, and in the advanced criteria there is a "Recovery HD Present" selection. Targeting machines that checked in less than 15 days ago, with "Recovery HD Present" set to "is not" "present". Then that Smart Group would be the target in a script of policy.

Let me know if that's helpful or not. Thanks.

0 Kudos