Removing Firmware Password on Machines with 10.7 and 10.8 using setregproptool

The_Tiger
New Contributor III

Hi,
I would like to remove a firmware password on machines have OS X 10.7 and others have OSX 10.8.
I created a policy which will copy the setregproptool depending on the OSX version to the /Library/Application support/JAMF/bin folder, Then added to the policy to run the following command:
/Library/Application Support/JAMF/bin/setregproptool -d -o 'current firmware password'
It says it was completed and run the policy but the machine still have the firmware password if I try to run the command manually into terminal it works and the firmware password removed.
I tried to run the EFI Password feature on the JSS as well with NONE value to remove it. it was asking for the current firmware password and timing out.
I would appreciate someone to tell me what am I missing here.

1- Is there any known issue with the JSS to run a command as it worked before for me when I setup firmware password.
2- Do I need to include the current firmware password somewhere in my policy for EFI Password feature on JSS?

Any help would be much appreciated.
Thanks

1 ACCEPTED SOLUTION

The_Tiger
New Contributor III

CasperSally,

Thank you so much for your suggestion but it didn't work for me.

Interestingly, Today I updated the JSS to v9.32 and that fixed the Execute Command feature in Files and Processes load.

I didn't need the current password as I mentioned it in my command in the Execute Command Field.

/Library/Application Support/JAMF/bin/setregproptool -d -o 'current firmware password'

View solution in original post

2 REPLIES 2

CasperSally
Valued Contributor II

See my prior thread and solution offered by @plawrence here... good luck. You do need the current password for current macs.

https://jamfnation.jamfsoftware.com/discussion.html?id=7236

The_Tiger
New Contributor III

CasperSally,

Thank you so much for your suggestion but it didn't work for me.

Interestingly, Today I updated the JSS to v9.32 and that fixed the Execute Command feature in Files and Processes load.

I didn't need the current password as I mentioned it in my command in the Execute Command Field.

/Library/Application Support/JAMF/bin/setregproptool -d -o 'current firmware password'