- Jamf Nation Community
- Products
- Jamf Pro
- AD Password Change include Keychains Update
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 06:47 AM
Hello Community,
I am looking for a solution that our User can change easy here password in our AD. We test "AdPassMon" but it doesn't works on our Macs. I don't know where the problem is there.
Now, I'm looking for a alternativ to change the AD Password and update the Keychains directly.
Many Thanks
Christian
Solved! Go to Solution.
2 ACCEPTED SOLUTIONS
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 07:24 AM
@c.knipping not quite following, but maybe this helps?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 08:11 AM
@bentoms Many Thanks!
I fix it, now. :-)
With this one, ADPassMon start in the Mobil Accounts:
#!/bin/sh
defaults write org.pmbuko.ADPassMon runIfLocal -bool trueWorks, great! The password change works, great, too.
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 06:50 AM
@c.knipping Can you advise what doesn't work with ADPassMon?
Also, how is the expiry being set? Group policy or fine grained password policy, maybe?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 07:08 AM
@bentoms Many Thanks for help. The Policy from the AD Server is, to change his Password all 90days. After I try to start ADPassMon, I can't see it on the Top. It work in the Activity Monitor but I can't use it.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 07:09 AM
@c.knipping local account with same username as AD account?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 07:22 AM
@bentoms The the Mobile Account use the same AD informations. I am looking for a solution, that our Macbooks connect to our Wi-Fi Network befor Login. That the User are directly connected with the AD.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 07:24 AM
@c.knipping not quite following, but maybe this helps?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 07:50 AM
It may be that if you're bound to AD - you need to unbind and re-bind if it's not writing the password to your AD user account.
We've run into that issue a few times. Looking to bind to our vLDAP for future instances.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 08:11 AM
@bentoms Many Thanks!
I fix it, now. :-)
With this one, ADPassMon start in the Mobil Accounts:
#!/bin/sh
defaults write org.pmbuko.ADPassMon runIfLocal -bool trueWorks, great! The password change works, great, too.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-02-2016 11:21 AM
@c.knipping If you are looking for your MacBooks to connect to a wireless network before the user logs in you'll want to deploy a WiFi configuration profile that uses System mode rather than being set as a Login Window configuration. We also found that using System mode WiFi connections made for much more reliable instances of users being able to connect when their AD accounts were set to require a password change on next logon.
