Skip to content

macOSLAPS 4.0.0 Build 845

Pre-release
Pre-release
Compare
Choose a tag to compare
@joshua-d-miller joshua-d-miller released this 27 Feb 07:49
· 3 commits to master since this release

A mostly bug fixing build of macOSLAPS with a slight new feature.

Temporary Keychain Item

Instead of writing a plain text file to the filesystem, we are now creating a temporary keychain item that the security command has access to read. This means that you can run macOSLAPS -getpassword and it will generate a keychain item with a random UUID. This UUID is still written to disk to a file /var/root/.GeneratedLAPSServiceName which is also hidden. When macOSLAPS runs again the keychain item is removed. Possibly a solution to issue #97

Additional context for Temporary Keychain Item

With this change and depending on the success of this release extension attributes will need rewritten to account for this. The Wiki and examples will be updated.

Agnostic command line flags

You will no longer need to run the command line flags with exact syntax. All command line flags are converted to lowercase and will run accordingly. (Example; You can now run -getPassword -GETPASSWORD or -getpassword and they will all work 👍. Resolves issue #89

Better requirements password building

If you define password requirements we will now select X amount of those characters BEFORE generating the rest of the password. The password is shuffled for good measure as well.

Native Password Verification

We now use Open Directory to natively verify the password. Resolves issue #94

Multiple Packages

Per the request of the LAPS channel in the MacAdmins Slack, there are now multiple packages available all signed and notarized by Apple. If you'd like to continue using just the combined package you can just download the non labeled package.

Deprecations

With this release macOSLAPS-repair will no longer be shipped with the package as it is no longer needed. This was to attempt to help with migration of the signing authority when I departed Penn State. I plan to keep this under my Developer ID for the foreseeable future.

As always please test and report back your results.