From f34fb10b6d5cec8917d44fb390bb7dfeae5ffb28 Mon Sep 17 00:00:00 2001
From: Bob Gendler <robert.gendler@nist.gov>
Date: Wed, 24 Nov 2021 21:03:09 -0500
Subject: [PATCH] revert to old check

---
 rules/sysprefs/sysprefs_find_my_disable.yaml | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/rules/sysprefs/sysprefs_find_my_disable.yaml b/rules/sysprefs/sysprefs_find_my_disable.yaml
index 87341a37..2d2d05c2 100644
--- a/rules/sysprefs/sysprefs_find_my_disable.yaml
+++ b/rules/sysprefs/sysprefs_find_my_disable.yaml
@@ -7,11 +7,7 @@ discussion: |
  
   Apple’s Find My service uses a personal AppleID for authentication. Organizations should rely on MDM solutions, which have much more secure authentication requirements, to perform remote lock and remote wipe.
 check: |
-  /usr/bin/osascript -l JavaScript << EOS
-  ObjC.import('Foundation')
-  ObjC.unwrap($.NSUserDefaults.alloc.initWithSuiteName('com.apple.icloud.managed')\
-  .objectForKey('DisableFMMiCloudSetting'))
-  EOS
+  /usr/bin/profiles -P -o stdout | /usr/bin/grep -Ec '(allowFindMyDevice = 0|allowFindMyFriends = 0|DisableFMMiCloudSetting = 1)'
 result:
   integer: 3
 fix: |