Overview
Managing local administrator accounts on macOS devices, especially in enterprise environments with FileVault 2 enabled, requires careful handling of SecureTokens. Below are scripts designed to assist with this process.
Script: Enable_FV2_SecureToken_local_Admin.sh
Script to add local admin account to FV2 (Enable FV2 for local admin account), user whose account have FV2 access required to enter the password to pass FV2 access to local admin account.
Script: local_hidden_admin_account.sh
Script to create hidden local admin account on macOS silently. This is useful for IT maintenance accounts that shouldn't clutter the login screen.
Script: MigrateUserDomainAcctToLocalAcct.sh
Script to convert mobile account to local account. Kindly test it locally before deploying to production.
Note: These scripts are available in the Apple_Mac repository.