Script Bootstrap token


We have around 60 devices that are missing a bootstrap token. I was hoping to script it.

My scripting knowledge is somewhat basic I was hoping someone could point in the right direction.

Do some searching on here I found this 


Would I be right in saying I would pass my admin account username and password in parameter argy 3 and 4

Assume that should parameter 4 & 5 in Jamf  right?


Has anyone sucessfully been able to script this with out putting the username and password in the script



#! /usr/bin/expect

# Get required variables. Note that in EXPECT scripts, the variable arguments are one value lower (thus $argv 3 is actually $4).
set adminName "[lindex $argv 3]"
set adminPass "[lindex $argv 4]"

#This will create and escrow the bootstraptoken on the Jamf Pro Server

spawn /usr/bin/profiles install -type bootstraptoken

expect "Enter the admin user name:" 
send "$adminName\r"
expect "Enter the password for user '$adminName':" 
send "$adminPass\r"
expect eof

exit 0




Valued Contributor

It's possible, but very environment dependent.  In our setup, we've been using macOSLAPS, which means that we can locate both the lapsadmin account name and password without any API calls or hardcoding of values.  That said, the upcoming changes to prestage created admin accounts expected later this month is going to completely break our LAPS solution with no sign of what will replace it being made available by Jamf yet.

It's not something we use currently @McAwesome.