Playing around with the passcode policies using config profiles for our OS X machines that don't use AD in certain circumstances but we still want to enforce some password restrictions like AD.
In testing no matter what settings I set in the config profile it always says the password does not meet the administrators rules. At one point I had pretty much every restriction disabled and it still is giving the same error. Anybody have success with this?
What plists / keys are you setting in the profile?
I've used pwpolicy in the past for this purpose which has worked for my needs. They just don't apply to admin accounts which is a little annoying.
I had it working in X.9.2 and later and early beta X.10 builds but stopped testing when we decided to stay with AD.(It didn't work in X.9.1 and earlier).
I think config profiles is the for managing the password policies is way to go and that most of us will be using profiles to do this in the future. I know a few big companies are managing local passwords with homegrown tools already, instead of AD. It's my understanding that they were sick of AD issues and gave up on the built in plug-in.
If I remember correctly I was building the config profiles on Mac OS X server and them uploading them into Casper. I also just tested local too. : )
Hope this helps.
So that looks right :) however I would guess that the allow simple might be causing the issue. (allow simple might be Apple English for require simple) In my testing that was on one of the pre X.9.2 issue that was not working at all. Also this doc says that it's the default...
I think you need to look at the .xml of the profile and check against the above doc.