Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
# Get the current user and their UID
currentUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk '/Name :/ && ! /loginwindow/ { print $3 }' )
currentUserID=$( id -u "$currentUser" )
# This is the line we need to add to enable TID
enableTouchID="auth sufficient"
# Original sudo file location
# If TouchID is already enabled exit. Otherwise modify the sudo file
if fgrep -q "$enableTouchID" "$sudoFile"; then
echo "TouchID for sudo is already enabled. Doing nothing..."
echo "TouchID not enabled for sudo. Enabling now..."
# Write new file with line to enable touch ID
awk 'NR==2 {print "auth sufficient"} 1' $sudoFile > $
# Make a backup of the current sudo file
cp $sudoFile $sudoFile.bak
# Replace the current file with the new file
mv $ $sudoFile
# If iTerm is installed, tell the user what they need to change to enable this setting
if [ -d '/Applications/' ]; then
# Read iTerm preference key
iTermPref=$( launchctl asuser "$currentUserID" sudo -u "$currentUser" defaults read com.googlecode.iterm2 BootstrapDaemon 2>/dev/null )
# If preference needs to be set, show Jamf Helper window with instructions
if [[ "$iTermPref" == "0" ]]; then
echo "iTerm preference is already set properly. Doing nothing..."
echo "Notifying user which iTerm setting needs to be changed..."
# Set notification description
description="We have detected that you have iTerm installed. There is an additional step needed to enable this functionality.
To enable TouchID for iTerm: Navigate to Preferences » Advanced » Session, then ensure \"Allow sessions to survive logging out and back in\" is set to \"No\""
# Display notification
"/Library/Application Support/JAMF/bin/" \
-windowType utility \
-title "Tech Services Notification" \
-heading "Additional Step Required for iTerm" \
-description "$description" \
-alignDescription left \
-icon "/Applications/" \
-button1 "OK" \
-defaultButton 1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment