Help

Scoping EFI Password Mode between older and newer Macs

shakim
New Contributor III

Posted on ‎02-20-2013 12:44 PM

I would like to scope machines based on EFI status Mode so that I can I easily target machines requiring "Set Open Firmware / EFI Password" I see they're two EA available to report EFI status.
One is for older Pre-2011 hardware which is calling nvram
`nvram -p | grep security-mode | awk '{print $2}'`

And the other is for newer hardware mid-2011 and later which calls "setregproptool -c" binary.

  1. I'm curious to see how are others addressing this issue or willing to share some ideas.
  2. Can I have these two EA Co-exist without causing any issues?

Thank You.

0 Kudos
Reply
1 REPLY 1

cbrewer
Valued Contributor II

Posted on ‎02-20-2013 01:24 PM

Pretty sure once you copy setregproptool to the correct location, you can just use one policy to set the firmware password for old and new models.

https://jamfnation.jamfsoftware.com/discussion.html?id=5212

0 Kudos
Reply