Skip to main content

Hello, I am looking for a way to run a script that requires new standard user accounts to reset their passwords, even before those accounts are created. Basically, I want the admin account to be able to create the account, set a temporary password, then when the standard user signs into that account for the first time with the temporary password they are immediately asked to change it. All I have seen so far requires the account to have created or signed into first.

We are using model 2020 M1 Macbooks

Use "changeAtNextAuth" in your password policy/Configuration Profile.
https://developer.apple.com/documentation/devicemanagement/passcode

Once the user is created and the created user account wants to log in with the temp password, the user will be asked to change the password.

 

Use "changeAtNextAuth" in your password policy/Configuration Profile.
https://developer.apple.com/documentation/devicemanagement/passcode

Once the user is created and the created user account wants to log in with the temp password, the user will be asked to change the password.

 


I tired

pwpolicy -a admin -setglobalpolicy "changeAtNextAuth=true"

and had no luck.

Terms & ConditionsCookie settingsAccessibility statement