Kevin M. White
Kevin M. White
Please try the latest release of `super` as it may resolve this issue: https://github.com/Macjutsu/super/releases/tag/v4.1.0-beta1
There are many updates in https://github.com/Macjutsu/super/releases/tag/v5.0.0-beta2 that may resolve this behavior. Please try it out.
Not saying no... but this would significantly increase the potential attack surface for whatever Jamf API account is stored by `super` in the System Keychain. There is potential to gain...
Digging into this new feature... there are a lot of dependencies and several outstanding issues that make it unsuitable for deployment at this time. I will reevaluate as Jamf makes...
You can not set the value of a script parameter via that mechanism. It's only designed for Configuration Profiles.
I am aware of LAPS solutions... but there are two fundamental security problems with leveraging them in any local process or script like `super`. 1. Just because you have a...
Yes... but due to the limitations of Jamf Pro's security model... the permissions required for the Jamf Pro API account used by `super` to read EAs would also allow it...
This is NOT something Jamf Pro can do... As I have already stated earlier.... "You can not set the value of a script parameter via that mechanism. It's only designed...
Another issue with the configuration profile is that Jamf Pro does not send new configuration profiles when the value of a $VARIABLE changes. So when you cycle the LAPS password...
This is a good method if your plan is to only give `super` the admin password long enough to create it's own service account. Further, since it only needs to...