We are using LAPSforMac/LAPS.sh at master · caffine247/LAPSforMac · GitHub for LAPS rotation however this script is not working on macOS Big Sur or Monterey.
Here is the error message:
Just wondering if someone has an alternative or fix for this ?
Solved! Go to Solution.
Last year when Big Sur came out I had to update the LAPS script for it to work.
This script need to be updated to include the -e on each of the lines (there are three on lines 82, 186, 242) for the xpath command. This is due to the version of python now used.
I have three questions.
1) Did you have this working previous to Big Sur?
2) On the LAPS script have you hardwired the values on lines 48-51 like so:
# HARDCODED VALUES SET HERE
3) on line 68 do you have your jss address:
I seem to remember that if any of these were missing I got simiar errors that you are getting.
I appreciate your help with this issue. The script has all the values as you have mentioned in your last comment. I did more investigation and found that LAPS user's secure Token status is disabled. From research I did there is no possibility to enabled unless I know the password for LAPS user. Script is not able to use default password to do authentication. Here is our current workflow
-All our Macs are DEP enrolled. During prestage, we create a local admin user
-Once onboarding is completes. On check-in, default password used in PreStage is used to rotate LAPS password which is failing