Posted on 09-10-2021 08:30 AM
I haven't seen any documentation so I'm not sure if this is possible but I'd like to show days until password expiration on Jamf Connect Menu Bar. Does anyone have any info on how to do this if it is possible?
Posted on 09-10-2021 08:46 AM
@davidmundt it's not currently possible if relying exclusively on Azure AD. When AD is involved, Connect requires being able to connect back to AD on-premise to get information about password expiration.
Posted on 11-12-2021 11:11 AM
I just found this:
Password Syncing with Jamf Connect - Jamf Connect Administrator's Guide | Jamf
Is there a reason why an Azure only setup wouldn't work? According to the Jamf documentation, it should, but I have not been able to test it yet.
Posted on 11-12-2021 11:16 AM
We are currently using Azure AD only on our Macs. but the JCL menu bar app doesnt show the password expiration like Nomad did. My users are relying on Azure AD to popup in a browser to alert them to the need for a password change.
Posted on 11-12-2021 11:21 AM
Have you already set in the configuration profile these two values?
<key>ExpirationCountdownStartDay</key>
<integer>14</integer>
<key>ExpirationNotificationStartDay</key>
<integer>7</integer>
Posted on 11-15-2021 07:37 AM
I have not tried those keys. I was under the impression they were for AD not Azure AD but I will give them a try. Thanks!!!
Posted on 02-07-2022 09:32 AM
I do have those keys set and I still don't get the password expiration date listed in the Menu Bar app.
Posted on 02-07-2022 09:51 AM
In our environment we also had to set the Kerberos realm so tickets were pushed to our Mac's from the local AD. Now the countdown shows up in the menu bar.
I still have not gotten the expiration notification to work though.
Posted on 02-07-2022 10:24 AM
We are all remote and relying on Azure AD for the IDP. I'd love to get it to show days till expiration but it still doesnt.
Posted on 04-20-2022 07:42 PM
Do you have an example of this?
I have Kerberos tickets getting pushed and I still do not see the countdown
Posted on 04-21-2022 05:49 AM
Here is our Jamf Connect keys regarding the countdown and notification popup:
<key>PasswordPolicies</key>
<dict>
<key>ExpirationCountdownStartDay</key>
<integer>14</integer>
<key>ExpirationNotificationStartDay</key>
<integer>7</integer>
</dict>
Posted on 04-22-2022 12:17 PM
Thanks!
I took over our Jamf Management on the computer side, and a lot of things weren't configured correctly, in this case (i hadn't thought to check this) our kerberos realm was wrong.
09-06-2022 03:12 PM - edited 09-06-2022 03:13 PM
We are seeing the expiration password counter. But some of our end-users see a -22 (for example) counter in the menu bar or after a successful password change there is the wrong number of days. Does anyone see this and have success correcting it?
We have a K-Realm and the configuration is set correctly. it is more annoying than anything.
Being on a VPN sometimes fixes this and sometimes it does not.
kinit and reentering the K-Realm password for the end user and restarting Jamf Connect do not correct the counter.
Posted on 03-20-2023 03:42 PM
We're Okta with OIDC and AD... (not an identity protect specialist, hacking away as best I can without access to the big boy tools). With Enterprise Connect and Kerberos SSO our clients can see how many days remain until their password expires (immediately the same day they change their password). But JamfConnect only shows the options to warning X days before? Nothing to show how many days remain if outside the short time warnings?
Posted on 03-08-2024 12:50 AM
Anyone got this working?
I'm using Jamf Connect with Azure AD only and do not get any password notifications or see anything like days to expire or so.