Jamf Nation Community

TechSpecialist · ‎02-20-2020

I am using Jamf Connect (Azure AD) to let users log in to their Macs here at our organisation.

But I need to find a solution to enforce a Password policy so that users are forced to change their password before being able to log in or work on their computer.

Any suggestions?

mlawniczak · ‎02-21-2020

If you are using Azure as your IdP the password policy settings you use for the users Azure account will work for managing the local account on the machine, as long as you are also using Verify to keep the passwords in sync.

TechSpecialist · ‎02-23-2020

The change password function works, but eventually I would need the old password still to have it synchronised.

But what if people forgot about their old password?

brandon_-_autob · ‎06-09-2020

Did we ever solve this? Currently in the same boat.

TechSpecialist · ‎06-09-2020

There still is no proper solution for this.

samuelbaiden · ‎06-10-2020

Well I have implemented a similar solution and this is what I did. I allowed password reset in Azure for the Azure accounts that will be using Jamf Connect and added MFA. Once that was in place, users could now reset their password even if they had forgotten the old one from the macOS Setup Assistant before they could continue. Remember to tie Azure SSO with Jamf Connect Login by using Enrollment customisation.

Cayde-6 · ‎07-08-2020

@samuelbaiden

I can't see how that would work if you've got FV2 enabled because you have no internet access at the EFI login window

dsardaczuk · ‎02-18-2021

Is there a solution with azure AD for a password expire notification?

Jamf Nation Community

Jamf Connect: How to set a Password Policy (Azure AD)