Help! So we are in the middle of implementing Jamf Connect. We require online authentication and multifactor authentication with Azure AD.
But what is the workflow when a user has lost his password?
Sure, when the FileVault login window shows, we can enter the personal recovery key. Then the online authentication window will appear, and for this the user can log in with the new Azure AD password.
But then Jamf Connect wants to have the previous local password to sync the online and local password. But we have only the personal recovery key at this point. We cannot continue from this point on.
How do we proceed from here?
You need to boot to Recovery and use the PRK to reset the user's password. We wrote documentation for our deskside team on how to do that. We suggest the tech reset the password in AD/Okta beforehand and set the local password the same as the network password.
Depending on IdP and configuration, you might get a notice that your Jamf Connect password is incorrect and needs to be updated.