Thank's to J.S.' work above, this is working in our setup. The only
chance is the -t mrof line noted in my comment #!/bin/sh
userName="abc-12345" domainUser="12345" domainPassword=$(date +%a)
/usr/bin/sudo -u "${userName}" -H /usr/bin/security
add-in...
the -t dflt wasn't working for me. i had to change it to -t mrof (not -t
from) which seems to be some old big endian/little endian code break but
it worked with the change
Is it functional to leave CriticalUpdateInstall intact and allow the
security updates to come from a caching server then manage all others
through Repesado?
