Skip to main content
Question

Difference between Change Password and Reset Password in Jamf Connect payload

A
Forum|alt.badge.img+4

Hi JAMF Guru,

Under Content Management --> Configuration policies, we created a JAMFConnect config policy.

If you go under Options, there is Applications & Custom Settings --> 

 

In the payload list --> under Preference Domain "com.jamf.connect", there are two OIDC URL to set, one is for ChangePassword and one is for ResetPassword.

 

<key>OIDCChangePasswordURL</key>
    <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string>

 

<key>OIDCResetPasswordURL</key>
    <string>https://passwordreset.microsoftonline.com/</string>


We are using Azure AD in our environment and JAMFPro as our MDM. Can someone help me understand these two, their difference and usage and why do we need both?

Thanks!
Ali




<ADDED THIS LATER> The reason I am asking is: if in a client mac, under JamfConnect menu bar --> Preferences, I add Reset password Url & Change Pasword Url manually, they work fine, redirect me to where it should..

But if I dont, they dont get auto-populated(fly over) from what I set in my configuration policy (under PLIST) as explained above.

My config profile, it does come into macs. But I dont understand why it doesn't take an effect and those URLs are still empty in those fields under preferences.

    5 replies

    MatthewGV
    Forum|alt.badge.img+7
    • MatthewGV
    • Contributor
    • 41 replies
    • February 1, 2022

    Changing a password implies the user knows the existing password, while resetting a password allows the user to recover their password, should they forget it.

    A
    1 person likes this
    • A
      ali_fadavinia
    A
    Forum|alt.badge.img+4
    • ali_fadavinia
    • Author
    • Contributor
    • 21 replies
    • February 1, 2022

    The reason I am asking is: if in a client mac, under JamfConnect menu bar --> Preferences, I add Reset password Url & Change Pasword Url manually, they work fine.

    But if I dont, they dont get auto-populated(fly over) from what I set in my configuration policy (under PLIST) as explained above.

    My config profile, does come into macs. But I dont understand why it doesn't take an effect

    bmortens115
    Forum|alt.badge.img+14
    • bmortens115
    • Contributor
    • 33 replies
    • February 1, 2022

    It looks like you are using the wrong Key for the 2 preferences. I just looked and I think they should be:

    <key>ChangePasswordURL</key> <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string> <key>ResetPasswordURL</key> <string>https://passwordreset.microsoftonline.com/</string>

    A
    1 person likes this
    • A
      ali_fadavinia
    A
    Forum|alt.badge.img+4
    • ali_fadavinia
    • Author
    • Contributor
    • 21 replies
    • February 7, 2022
    bmortens115 wrote:

    It looks like you are using the wrong Key for the 2 preferences. I just looked and I think they should be:

    <key>ChangePasswordURL</key> <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string> <key>ResetPasswordURL</key> <string>https://passwordreset.microsoftonline.com/</string>


    Correct, that is the old attribute object we used to use, but apparently Jamf has updated those on new releases.

    A
    Forum|alt.badge.img+4
    • ali_fadavinia
    • Author
    • Contributor
    • 21 replies
    • February 7, 2022
    bmortens115 wrote:

    It looks like you are using the wrong Key for the 2 preferences. I just looked and I think they should be:

    <key>ChangePasswordURL</key> <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string> <key>ResetPasswordURL</key> <string>https://passwordreset.microsoftonline.com/</string>


    This one you shared is for Com.Jamf.Connect

    <key>ChangePasswordURL</key>
<string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string>
<key>ResetPasswordURL</key>
<string>https://passwordreset.microsoftonline.com/</string>


    What are those attributes look like for Com.Jamf.Connect.login ?
    Are they like: OIDCChangePasswordURL && OIDCResetPasswordURL?

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings