I am trying to setup a script that requires the computername and Computer Trust password. On a mac that is joined to the domain using the normal Apple method I could use:
security find-generic-password -w -s "/Active Directory/DOMAIN" /Library/Keychains/System.keychain
That would then return the computer trust password for use with my script to send for authentication.
On a Centrify Joined machine there is no /Active Directory key in the keychain.
I found one machine that had the /CentrifyDC application password but the returned password when using that still give Access Denied so I don't think that is the right password. The /CentrifyDC item isn't showing on all my test macs anyway so that wouldn't be a consisten method even if it worked.
Is there a script string I can run that would return the correct Computer Account Trust Password when joined via Centrify? Thanks!