Is there a way (yet) to report Secure Boot status, for example "Full Security" vs "No Security"?
Looked through System Profiler, didn't see anything...we need to flag computers that are not set to our desired "Full Security" setting.
Question
Report "Secure Boot" status?
+36
+16I opened a ticket, for config profile control of "SIP" before it was released to the public ... Apple eng said I was nuts and current they are saying use a firmware password.
C
+18Hi @donmontalvo ,
We currently have the ability to report on System Integrity Protection:
Enabled under the Security section of an inventory record. As to Secure Boot, that would be a feature request. Please file that if you so desire.
+16Given it's a whole new hardware subsystem that might have it's own storage who knows...
But given SIP status is stored in NVRAM (csr-active-config), it might be worth looking at nvram -p to see if there are any security settings included now.
If the behaviour was the same as SIP they would only show if they had been changed from the default setting.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.