joshua-d-miller · October 22, 2023 11:46
diff --git a/ResetmacOSLAPS.sh b/ResetmacOSLAPS.sh
 #!/bin/sh
 : '
 ----------------------
 Penn State MacAdmins
 ----------------------
 Performs the following:
  - Captures the current password of your local admin
  if you know it and then changes the password to
  the FirstPassKey
 Notes:
  - Starts at $4 variables to accomodate for jamf Pro
  - $4 should be the location of your PLIST whether in
  Managed Preferences MDM or just Preferences
 Sources:
  - https://github.com/homebysix/jss-filevault-reissue/blob/main/reissue_filevault_recovery_key.sh
  - https://stackoverflow.com/questions/4780893/use-expect-in-a-bash-script-to-provide-a-password-to-an-ssh-command
 -------------------------------------
  Joshua D. Miller - [email protected]
  The Pennsylvania State University

  Last Update: July 25, 2021
 -------------------------------------
 '
 # Get the logged in user's name
 CURRENT_USER=$(/bin/echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil | /usr/bin/awk '/Name :/&&!/loginwindow/{print $3}')
 # Get User ID
 USER_ID=$(/usr/bin/id -u "$CURRENT_USER")
 # Current Configured Admin Account
 ADMIN_TO_RESET=`/usr/bin/defaults read "$4" LocalAdminAccount`
 # Set New Password to FirstPass Key
 FIRST_PASSWORD=`/usr/bin/defaults read "$4" FirstPass`
 # Capture Old Password
 OLD_PASSWORD="$(/bin/launchctl "asuser" "$USER_ID" sudo -u "$CURRENT_USER" /usr/bin/osascript -e 'display dialog "Please enter the current Local or AD Password for '"$ADMIN_TO_RESET"':" default answer "" with title "macOSLAPS Password Rotation Reset" with text buttons {"OK"} default button 1 with hidden answer' -e 'return text returned of result')"
 OLD_PASSWORD=$(printf '%s\n' "$OLD_PASSWORD" | sed -e 's/[]\/$*.^[]/\\&/g')
 # Perform the Password Change
 /usr/bin/expect << EOF
 spawn /usr/bin/passwd "$ADMIN_TO_RESET"
 expect "Changing password for*"
 expect "Old Password:"
 send "$OLD_PASSWORD\r"
 expect "New Password:"
 send "$FIRST_PASSWORD\r"
 expect "Retype New Password:"
 send "$FIRST_PASSWORD\r"
 expect Shell>
 EOF
	#!/bin/sh
	: '
	----------------------
	Penn State MacAdmins
	----------------------
	Performs the following:
	- Captures the current password of your local admin
	if you know it and then changes the password to
	the FirstPassKey
	Notes:
	- Starts at $4 variables to accomodate for jamf Pro
	- $4 should be the location of your PLIST whether in
	Managed Preferences MDM or just Preferences
	Sources:
	- https://github.com/homebysix/jss-filevault-reissue/blob/main/reissue_filevault_recovery_key.sh
	- https://stackoverflow.com/questions/4780893/use-expect-in-a-bash-script-to-provide-a-password-to-an-ssh-command
	-------------------------------------
	Joshua D. Miller - [email protected]
	The Pennsylvania State University

	Last Update: July 25, 2021
	-------------------------------------
	'
	# Get the logged in user's name
	CURRENT_USER=$(/bin/echo "show State:/Users/ConsoleUser" \| /usr/sbin/scutil \| /usr/bin/awk '/Name :/&&!/loginwindow/{print $3}')
	# Get User ID
	USER_ID=$(/usr/bin/id -u "$CURRENT_USER")
	# Current Configured Admin Account
	ADMIN_TO_RESET=`/usr/bin/defaults read "$4" LocalAdminAccount`
	# Set New Password to FirstPass Key
	FIRST_PASSWORD=`/usr/bin/defaults read "$4" FirstPass`
	# Capture Old Password
	OLD_PASSWORD="$(/bin/launchctl "asuser" "$USER_ID" sudo -u "$CURRENT_USER" /usr/bin/osascript -e 'display dialog "Please enter the current Local or AD Password for '"$ADMIN_TO_RESET"':" default answer "" with title "macOSLAPS Password Rotation Reset" with text buttons {"OK"} default button 1 with hidden answer' -e 'return text returned of result')"
	OLD_PASSWORD=$(printf '%s\n' "$OLD_PASSWORD" \| sed -e 's/[]\/$*.^[]/\\&/g')
	# Perform the Password Change
	/usr/bin/expect << EOF
	spawn /usr/bin/passwd "$ADMIN_TO_RESET"
	expect "Changing password for*"
	expect "Old Password:"
	send "$OLD_PASSWORD\r"
	expect "New Password:"
	send "$FIRST_PASSWORD\r"
	expect "Retype New Password:"
	send "$FIRST_PASSWORD\r"
	expect Shell>
	EOF