This has come to my attention recently. So basically, our users would change their password via jamf connect, it would go through and successfully change their azure ad password. Then once they login to the computer, it would give them a prompt, telling them to enter their old password for the local account to sync with the new azure ad account, we also have filevault enabled.
This was all working fine, but recently when an end user changes their password via jamf connect. It gives an error message (I didn’t see it yet, have to wait until someone changes their PW again) and it will act like it doesn’t go through, but it actually does go through. It will not update their jamf connect expiration date (For example now, some users say their passwords will expire in -10 days) even though they changed their azure ad password.
Now we have had users getting locked out of filevault because when they sign out or restart their computer and are on the filevault page, the local account password doesn’t match the new azure ad password which is causing issues. It used to prompt them to change the local account password to match the updated azure ad credentials, but now it doesn’t do that.
This is the JAMF Connect version
version=11.19.1-t1754574720728
EDIT: JAMF CONNECT VERSION IS 2.45.1
TLDR:
JAMF doesn’t recognize when a password has been changed in azure AD now, will show password will expire in -10, -20 days now, and when they sign in with their azure SSO with the new credentials, it will keep looping cause the filevault password is not the same as the current one. It also doesn’t prompt the user to update their local account password to match the azure one now (I think because JAMF connect is not recognizing when the password changes, this is the root of the issue, so it doesn’t ask the user to sync their local account/file vault password with their azure ad one).
