Jamf Connect Azure/Entra Local Password Sync issue

New Contributor III

Local password sync issue with Azure/Entra and Jamf Connect. I have a user with 3 Macs.

  1. He changed his password on Mac1 with Jamf Connect. Cloud and local account passwords were successfully changed.
  2. Signed into Mac2 at Jamf Connect login window with new password, it prompted for his old/local password, accepted it, and everything is good.
  3. Signed into Mac3 at Jamf Connect login window with new password, it prompted for his old/local password and will NOT accept it. Using the local login with that same password does work, gets him to the desktop. He can then sign into Jamf Connect using the menu bar, it again prompts him for this local password, and fails to accept the same password he just used to log in locally.

Jamf Connect logs show: Jamf Connect[1757:35a6] [com.jamf.connect:OpenDirectory] Password change failed! Error: One of the parameters provided was invalid.

  • All three Macs are the same build/config. Not enforcing any other password policies.
  • Tried sudo jamf changePassword with his username and got the same error: “One of the parameters provided was invalid.”
  • Tried signing in as a separate local admin account and resetting his local account password - got a generic “failed to reset user’s password” error.

I’ve had this issue randomly occur on Macs and the only solution I’ve found is to completely delete their local account (but save the home folder), then recreate the account and point it back to the old home folder.

Any other troubleshooting I could do on this? Anyone else ever seen this issue?


New Contributor III

I did find that if we remove this user's FileVault Secure Token, the local sync immediately worked. Obviously, this is trading one issue for another but at least it's a step toward understanding why this is occurring.