Skip to main content
Question

Jamf Connect, Kerberos Error 4, and Password Expires in X days not updating

  • May 11, 2026
  • 2 replies
  • 32 views
FerrisBNA
Forum|alt.badge.img+5

Happy Monday! 

So I just came across this issue.  When a user tries to change their password using Jamf Connect, they get this Kereberos error 4.

So they go into Okta and change it there.  Later Jamf prompts them that the Local Password and Network password don’t match.  They are able to enter the old and new passwords and get the local mac password changed to match.  

But Jamf still shows “password expires in 0 days”.

I didn’t do the Jamf Connect setup, it was here when I joined the company, so I’m not sure exactly how to start fixing this.  I’m hoping you have some tips, maybe someone has seen this before, really anything.  I’ll keep doing my research, but It’s always nice to get some expert advice.

-Pat

-Pat

    2 replies

    mm2270
    Forum|alt.badge.img+24
    • mm2270
    • Legendary Contributor
    • May 12, 2026

    I’ve run across this issue as well, but in our case we use Microsoft Entra. In talking with someone in Jamf Support, they gave me a command to run that will update that Self Service tile.

    open jamfconnect://gettickets

    But this command needs to be run as the logged in user to work, so if it was something you planned to do from a policy, you’ll need to use the launchctl asuser method to do it. Or, users can run this themselves in Terminal if they are comfortable with that.

    It sometimes works also by clicking the Refresh link in the Kerberos tile in Self Service.

    FerrisBNA
    Forum|alt.badge.img+5
    • FerrisBNA
    • Author
    • Contributor
    • May 12, 2026

    This is very weird, the password expires in the menubar updated on its own today.  I did not make any changes to our Jamf configuration or the endpoints.  

    I’ll need to check if I can reset my password successfully now.

    One thing I haven’t found the answer for yet…

    In the configuration profile for Jamf Connect, The Application Setting Payload has a field for “Version”.  Should I be updating this as new releases of Jamf Connect come out?

    Thanks in advance.

    -Pat
      Terms & ConditionsAccessibility statement