PDA

View Full Version : Launchd and auto-enroll certificate script not working




blabla296
Jul 27, 2013, 06:27 AM
Hi All !

First time here and already in trouble... so here's the deal :
- Mac OS X 10.8.4
- SCCM 2012
- XServe 10.7 + DeployStudio 1.6.2

I deploy my iMacs using DeployStudio. As a part of the deployment process, the Macs are binded to AD & OD. I need also to install the Microsoft SCCM 2012 client. In order for the iMacs to properly communicate with SCCM and being furtherly managed, I need them to enroll a certificate at first boot. My colleague and myself tried a couple of different methods, no luck yet.
So what we currently have in mind is to copy a plist in the LaunchDemons folder and the enroll script in another location to be run by launchd. Problem is : doesn't work... and no logs whatsoever ! :confused:

Here's the plist :


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.sccm.enrollcert</string>
<key>ProgramArguments</key>
<array>
<string>/usr/bin/enroll</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>


Very simple as you can see...

And here's the enroll.sh script :

#!/usr/bin/expect
spawn /usr/bin/CMEnroll -s SCCM.DOMAIN.local -ignorecertchainvalidation -u "DOMAIN\ACCOUNT"
expect "Please enter your password."
send "passwd\n"
sleep 50

So as you can see it pretty simple... but for some funny reason it doesn't work at all.

Is there something we're missing by using "expect"/"spawn" in a launchd script like that ?

Thanks in advance



blabla296
Jul 29, 2013, 01:28 AM
EDIT :

My colleague got it. Just "expect" the "Executed successfully" sentence... lol