Skip to main content

Just curious about the possibility of this. We randomize the management account password and every so often I'll be using Casper Remote to access a system and it will fail. I'll then go in and scope a policy to reset the management account password which fixes the issue. It would be nice if I could create a smart computer group which will say if the password the JSS knows about is not working on a machine.

Does anyone have a method to do this? If not, I'll poke around some more and see if I can come up with a way.

I would love to know this as well.

Just a mini-update, Reached out to JAMF Support and they didn't have a solution either. Might turn into a feature request.

Hmm, tricky, I think those passwords are stored in a hashed field in the JSS. If you pull up a computer's API record, the password for the management account shows up like **
You can easily pull the management account name with the API, but I don't think there's an easy way to decrypt that stored password. I'd imagine JAMF made it difficult on purpose, since the management account password is as good as knowing a root password, so it needs to stay protected for security reasons.
Unless they somehow expose that password via the API, which I highly doubt they will, it doesn't seem like this will be possible.

Terms & ConditionsCookie settingsAccessibility statement