Update: It turns out that the API password "apiPass" was too complex (i.e. alphanumeric) for the script (seen here also: https://www.jamf.com/jamf-nation/discussions/27059/api-authentication-doesn-t-work). Simplifying the password resolved the issue.

@sim.brar
Did you ever come across this?
I copied your script line for line and changed only the EA name and credentials to match mine.

apiURL=$(/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url | sed 's|/$||')

udid=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')

extAttName=""UserCN""



LAPS_Password=$(curl -s -f -u $apiUser:$apiPass -H "Accept: application/xml" $apiURL/JSSResource/computers/udid/$udid/subset/extension_attributes | xpath "//extension_attribute[name=$extAttName]" 2>&1 | awk -F'<value>|</value>' '{print $2}')



echo UserCN: $LAPS_Password

Hi djrory,

I was encountering the same issue on a script running fine from a while.

The issue is coming from Big Sur : Dealing with xpath changes in Big Sur

Hope this helps...

@djrory @marc.beuvin yup, please see the same script, updated for Big Sur:

#!/bin/bash



apiUser=""

apiPass=""

apiURL=$(/usr/bin/defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url | sed 's|/$||')

udid=$(/usr/sbin/system_profiler SPHardwareDataType | /usr/bin/awk '/Hardware UUID:/ { print $3 }')

extAttName=""LAPS""



LAPS_Password=$(curl -s -f -u $apiUser:$apiPass -H "Accept: application/xml" $apiURL/JSSResource/computers/udid/$udid/subset/extension_attributes | xpath -e "//extension_attribute[name=$extAttName]" 2>&1 | awk -F'<value>|</value>' '{print $2}' | tail -n +1)



echo $LAPS_Password