Help

Difference between Change Password and Reset Password in Jamf Connect payload

ali_fadavinia
New Contributor III

‎02-01-2022 09:54 AM - edited ‎02-01-2022 12:14 PM

Hi JAMF Guru,

Under Content Management --> Configuration policies, we created a JAMFConnect config policy.

If you go under Options, there is Applications & Custom Settings --> 

 

In the payload list --> under Preference Domain "com.jamf.connect", there are two OIDC URL to set, one is for ChangePassword and one is for ResetPassword.

 

<key>OIDCChangePasswordURL</key>
    <string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string>

 

<key>OIDCResetPasswordURL</key>
    <string>https://passwordreset.microsoftonline.com/</string>


We are using Azure AD in our environment and JAMFPro as our MDM. Can someone help me understand these two, their difference and usage and why do we need both?

Thanks!
Ali

JAMF.png


<ADDED THIS LATER> The reason I am asking is: if in a client mac, under JamfConnect menu bar --> Preferences, I add Reset password Url & Change Pasword Url manually, they work fine, redirect me to where it should..

But if I dont, they dont get auto-populated(fly over) from what I set in my configuration policy (under PLIST) as explained above.

My config profile, it does come into macs. But I dont understand why it doesn't take an effect and those URLs are still empty in those fields under preferences.

User mac-Menu Bar Preferences.jpgUser mac-Menu Bar.jpg

0 Kudos
5 REPLIES 5

MatthewGC
New Contributor III

Posted on ‎02-01-2022 11:08 AM

Changing a password implies the user knows the existing password, while resetting a password allows the user to recover their password, should they forget it.

ali_fadavinia
New Contributor III

‎02-01-2022 11:55 AM - edited ‎02-01-2022 12:14 PM

The reason I am asking is: if in a client mac, under JamfConnect menu bar --> Preferences, I add Reset password Url & Change Pasword Url manually, they work fine.

But if I dont, they dont get auto-populated(fly over) from what I set in my configuration policy (under PLIST) as explained above.

My config profile, does come into macs. But I dont understand why it doesn't take an effect

0 Kudos

bmortens115
New Contributor III
New Contributor III

Posted on ‎02-01-2022 02:53 PM

It looks like you are using the wrong Key for the 2 preferences. I just looked and I think they should be:

<key>ChangePasswordURL</key>
<string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string>
<key>ResetPasswordURL</key>
<string>https://passwordreset.microsoftonline.com/</string>

Screen Shot 2022-02-01 at 2.50.41 PM.png

ali_fadavinia
New Contributor III
In response to bmortens115

Posted on ‎02-07-2022 06:31 AM

Correct, that is the old attribute object we used to use, but apparently Jamf has updated those on new releases.

0 Kudos

ali_fadavinia
New Contributor III
In response to bmortens115

‎02-07-2022 01:20 PM - edited ‎02-07-2022 01:21 PM

This one you shared is for Com.Jamf.Connect

<key>ChangePasswordURL</key>
<string>https://account.activedirectory.windowsazure.com/ChangePassword.aspx</string>
<key>ResetPasswordURL</key>
<string>https://passwordreset.microsoftonline.com/</string>


What are those attributes look like for Com.Jamf.Connect.login ?
Are they like: OIDCChangePasswordURL && OIDCResetPasswordURL?

0 Kudos