Skip to main content
Question

Difference between Change Password and Reset Password in Jamf Connect payload


Forum|alt.badge.img+4

Hi JAMF Guru,

Under Content Management --> Configuration policies, we created a JAMFConnect config policy.

If you go under Options, there is Applications & Custom Settings --> 

 

In the payload list --> under Preference Domain "com.jamf.connect", there are two OIDC URL to set, one is for ChangePassword and one is for ResetPassword.

 

<key>OIDCChangePasswordURL</key>
    <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string>

 

<key>OIDCResetPasswordURL</key>
    <string>https://passwordreset.microsoftonline.com/</string>


We are using Azure AD in our environment and JAMFPro as our MDM. Can someone help me understand these two, their difference and usage and why do we need both?

Thanks!
Ali




<ADDED THIS LATER> The reason I am asking is: if in a client mac, under JamfConnect menu bar --> Preferences, I add Reset password Url & Change Pasword Url manually, they work fine, redirect me to where it should..

But if I dont, they dont get auto-populated(fly over) from what I set in my configuration policy (under PLIST) as explained above.

My config profile, it does come into macs. But I dont understand why it doesn't take an effect and those URLs are still empty in those fields under preferences.

5 replies

MatthewGV
Forum|alt.badge.img+7
  • Contributor
  • 41 replies
  • February 1, 2022

Changing a password implies the user knows the existing password, while resetting a password allows the user to recover their password, should they forget it.


Forum|alt.badge.img+4
  • Author
  • Contributor
  • 21 replies
  • February 1, 2022

The reason I am asking is: if in a client mac, under JamfConnect menu bar --> Preferences, I add Reset password Url & Change Pasword Url manually, they work fine.

But if I dont, they dont get auto-populated(fly over) from what I set in my configuration policy (under PLIST) as explained above.

My config profile, does come into macs. But I dont understand why it doesn't take an effect


bmortens115
Forum|alt.badge.img+14
  • Contributor
  • 33 replies
  • February 1, 2022

It looks like you are using the wrong Key for the 2 preferences. I just looked and I think they should be:

<key>ChangePasswordURL</key> <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string> <key>ResetPasswordURL</key> <string>https://passwordreset.microsoftonline.com/</string>


Forum|alt.badge.img+4
  • Author
  • Contributor
  • 21 replies
  • February 7, 2022
bmortens115 wrote:

It looks like you are using the wrong Key for the 2 preferences. I just looked and I think they should be:

<key>ChangePasswordURL</key> <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string> <key>ResetPasswordURL</key> <string>https://passwordreset.microsoftonline.com/</string>


Correct, that is the old attribute object we used to use, but apparently Jamf has updated those on new releases.


Forum|alt.badge.img+4
  • Author
  • Contributor
  • 21 replies
  • February 7, 2022
bmortens115 wrote:

It looks like you are using the wrong Key for the 2 preferences. I just looked and I think they should be:

<key>ChangePasswordURL</key> <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string> <key>ResetPasswordURL</key> <string>https://passwordreset.microsoftonline.com/</string>


This one you shared is for Com.Jamf.Connect

<key>ChangePasswordURL</key>
<string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string>
<key>ResetPasswordURL</key>
<string>https://passwordreset.microsoftonline.com/</string>


What are those attributes look like for Com.Jamf.Connect.login ?
Are they like: OIDCChangePasswordURL && OIDCResetPasswordURL?


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings