- Jamf Nation Community
- Products
- Jamf Connect
- Jamf Connect: When Users forget their password (Az...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Jamf Connect: When Users forget their password (Azure AD)...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-20-2020 01:26 AM
Hi All,
When a User forgets his password, then we can reset this via the Azure AD / O365 'forgot password' feature. This works just fine for us. But once the password is reset, the user would need to log in with the old password into the local account, but they can't because that password is set to the same previous 'forgotten' one.
How can I create a workflow that doesn't include Admin privileges so that User's can reset their own password and log in with a new one?
Labels:
- Labels:
-
Jamf Connect
12 REPLIES 12
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-21-2020 08:32 AM
Do you have Filevault enabled?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-23-2020 11:21 PM
No I don't have FileVault enabled.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 02-24-2020 01:59 PM
We have Filevault enabled, so we are using a modified version of what was outlined by tiredsince1985 in this post:
https://tiredsince1985.com/2019/10/30/jamf-connect-passwords.html
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-09-2020 01:53 PM
Did we ever solve this? Currently in the same boat, we however do use FV2.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-30-2020 10:40 AM
Same boat here, this is a massive issue for my company.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-30-2020 12:03 PM
we decided to integrate with azure and intune using company portal. so when a user forgets their password, we can change it via AD that replicates out to azure. we login to the effected mac with our administrator login and update the password from there. then the user signs in and syncs. took us a year.......
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-03-2021 05:31 AM
@danlaw777 was this by integrating Azure and Jamf only or are you also using Jamf connect?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-07-2021 08:06 AM
we also use Jamf connect
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-30-2020 10:07 PM
@danlaw777 But that wouldn't work on Macs that have FileVault enabled and are not On-prem now would it? Also, doesn't that mean the admins know the user's passwords? Isn't that a privacy issue?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-31-2020 08:53 AM
we have file vault enabled, we dont know their passwords, and it works just fine.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-11-2021 06:59 AM
@danlaw777 When you do this, are you able to log into these devices remotely, or is it on-prem? If you're doing this remotely, what are you using to allow that?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-07-2021 08:07 AM
we use dameware for remote management. if the users are locked out, i can remote in and log in from there
