Automox service account not picking up secure token after upgrading to Agent 39
After upgrading to Agent 39, the Automox service account (_automoxserviceaccount) is unable to gain or maintain secure token access.
Symptoms
Apple M1 devices showing not compatible due to Secure Token.
Steps to resolution
- To verify that the service account does not have the needed secure token access, run the following command:
sudo sysadminctl -secureTokenStatus _automoxserviceaccount
- If the secure token comes back as DISABLED, try to enable secure token via procedures outlined here: Install and Configure Automox Agent for Apple Silicon Devices
- If secure token still shows DISABLED afterword:
- Delete the Automox service account with the following command:
sudo /usr/bin/dscl . -delete /Users/_automoxserviceaccount
- Remove the current agent install: Removing the Automox Agent
- Re-install the agent: Automox Agent Installation Overview
- Enable secure token once again.
- Delete the Automox service account with the following command: