Hi All,
I recently did a deployment from the app store for Monterey to auto install on my test iMac however, When actually installing the app prompts for Admin Password. Is there a way to bypass this as it was deployed via MDM?
Question
Monterey.app Deployment
+3
+15@BBB_UMBSounds Like Bootstrap Token is required. - https://support.apple.com/guide/deployment/use-secure-and-bootstrap-tokens-dep24dbdcf9e/web
Bootstrap token In macOS 10.15 or later, a bootstrap token is used to help with granting a secure token to both mobile accounts and the optional device enrollment-created administrator account (“managed administrator”). In macOS 11 or later, the bootstrap token can grant a secure token to any user logging in to a Mac computer, including local user accounts. Using the bootstrap token feature of macOS 10.15 or later requires: • Supervision • MDM vendor support Suppose that your MDM solution supports bootstrap tokens. In macOS 10.15.4 or later, when a user who is secure token enabled logs in for the first time, a bootstrap token is generated and escrowed to MDM. A bootstrap token can also be generated and escrowed to MDM using the profiles command-line tool, if needed. In macOS 11 or later, the bootstrap token may also be used for more than just granting secure token to user accounts. On a Mac computer with Apple silicon, the bootstrap token, if available, can be used to authorize the installation of both kernel extensions and software updates when managed using MDM. The bootstrap token is also used to silently authorize an Erase all Content and Settings command when triggered through MDM on macOS 12.0.1 or later.
+3@BBB_UMBSounds Like Bootstrap Token is required. - https://support.apple.com/guide/deployment/use-secure-and-bootstrap-tokens-dep24dbdcf9e/web
Bootstrap token In macOS 10.15 or later, a bootstrap token is used to help with granting a secure token to both mobile accounts and the optional device enrollment-created administrator account (“managed administrator”). In macOS 11 or later, the bootstrap token can grant a secure token to any user logging in to a Mac computer, including local user accounts. Using the bootstrap token feature of macOS 10.15 or later requires: • Supervision • MDM vendor support Suppose that your MDM solution supports bootstrap tokens. In macOS 10.15.4 or later, when a user who is secure token enabled logs in for the first time, a bootstrap token is generated and escrowed to MDM. A bootstrap token can also be generated and escrowed to MDM using the profiles command-line tool, if needed. In macOS 11 or later, the bootstrap token may also be used for more than just granting secure token to user accounts. On a Mac computer with Apple silicon, the bootstrap token, if available, can be used to authorize the installation of both kernel extensions and software updates when managed using MDM. The bootstrap token is also used to silently authorize an Erase all Content and Settings command when triggered through MDM on macOS 12.0.1 or later.
Thank you for this !! I am attempting to create an automated environment here. With that being said can this be a script that is distributed to all machines via policy or does it have to be manually ran on each computer individually?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.