vqci2 (vqci2) asked a question.
Okta Device Trust registration failing on MacOS
We have recently seen Okta Device registration fail on user machines.
None of our users are local admin and the python script seems to assume they will be by calling sudo several times.
We get the following error:
INFO: Running Okta Device Registration task version : 1.2.1
INFO: Registering trusted device with Okta, for user : andrew.clark
INFO: Using home directory : /Users/andrew.clark
DEBUG: Running main()
andrew.clark is not in the sudoers file. This incident will be reported.
ERROR: Command '['launchctl', 'asuser', '502', 'sudo', '-u', u'andrew.clark', 'security', 'default-keychain']' returned non-zero exit status 1
ERROR: Error in accessing default keychain
Okta Device trust returning ERROR.
Greetings Andrew!
This is Andrei on behalf of Okta's Customer Support.
There are a lot of points to discuss regarding this issue, such as :
1.You can't access your keychain
2.You can't access the keychain file because you forgot your password.
3.The keychain file might be corrupted.
Please review this documentation regarding Device Trust for MacOS: https://help.okta.com/en/prod/Content/Topics/Mobile/Okta_Device_Trust_Jamf_macOS_Devices.htm
If you have more questions regarding this topic, please consider issuing a support ticket.