Question

Jamf Connect: When Users forget their password (Azure AD)...

  • February 20, 2020
  • 12 replies
  • 87 views


Hi All,

When a user forgets his password, we can reset it via the Azure AD / O365 'forgot password' feature. This works just fine for us. But once the password is reset, the user would need to log in with the old password into the local account, but they can't because that password is set to the same previous 'forgotten' one.

How can I create a workflow that doesn't include admin privileges so that users can reset their own password and log in with a new one?

12 replies

  • New Contributor
  • February 21, 2020

Do you have FileVault enabled?


  • Author
  • Contributor
  • February 24, 2020

No, I don't have FileVault enabled.


  • New Contributor
  • February 24, 2020

We have FileVault enabled, so we are using a modified version of what was outlined by tiredsince1985 in this post:

https://tiredsince1985.com/2019/10/30/jamf-connect-passwords.html



Did we ever solve this? Currently in the same boat, we however do use FV2.


Cayde-6
  • Honored Contributor
  • July 30, 2020

Same boat here, this is a massive issue for my company.


danlaw777
  • Valued Contributor
  • July 30, 2020

We decided to integrate with Azure and Intune using Company Portal. So when a user forgets their password, we can change it via AD, which replicates out to Azure. We log in to the affected Mac with our administrator login and update the password from there. Then the user signs in and syncs. Took us a year.......



@danlaw777 But that wouldn't work on Macs that have FileVault enabled and are not on-prem, now would it? Also, doesn't that mean the admins know the users' passwords? Isn't that a privacy issue?


danlaw777
  • Valued Contributor
  • July 31, 2020

We have FileVault enabled, we don't know their passwords, and it works just fine.


  • New Contributor
  • January 11, 2021

@danlaw777 When you do this, are you able to log into these devices remotely, or is it on-prem? If you're doing this remotely, what are you using to allow that?


  • New Contributor
  • September 3, 2021

> We decided to integrate with Azure and Intune using Company Portal. So when a user forgets their password, we can change it via AD, which replicates out to Azure. We log in to the affected Mac with our administrator login and update the password from there. Then the user signs in and syncs. Took us a year.......

@danlaw777 Was this by integrating Azure and Jamf only, or are you also using Jamf Connect?


danlaw777
  • Valued Contributor
  • September 7, 2021

> @danlaw777 Was this by integrating Azure and Jamf only, or are you also using Jamf Connect?

We also use Jamf Connect.


danlaw777
  • Valued Contributor
  • September 7, 2021

> @danlaw777 When you do this, are you able to log into these devices remotely, or is it on-prem? If you're doing this remotely, what are you using to allow that?

We use Dameware for remote management. If the users are locked out, I can remote in and log in from there.