Skip to main content

Hi,



We have about 700 macs at our school. We have a local admin account and a local student account (mobile account created via the AD binding). We have been requested to add a parent Admin account so parent can make slight changes to parental control settings.



I can see that I can deploy a local admin account via policies. But I would like for a parent to reset the password when they first log in.
My plan would be to email the parents the password I set and tell them that they will need to create a new password when they sign in. But I don't want them to go through system preferences.



Any ideas??



Thanks,

Hi @iamgriffin



If you are comfortable with the command line, you could put together a policy using 'pwpolicy' command. I have been using the following for staff Macbook Pros since December as part of a setup/first boot script .You are forcing a password expire and the user has to change it at next login



pwpolicy -a adminuser -u usertoforcechange -setpolicy "newPasswordRequired=1"

@LSinNY Thanks, I'll test it out. But that sounds like exactly what I needed.

Hi,



Newbie here, please excuse my lack of scripting knowledge.



I too have the same need and when I ran the script from terminal I got the error below:



Password for authenticator administer:
Warning: unable to authenticate as <adminuser>
Error: root privileges or authenticator required



I tried it with sudo in front and without.

try replacing admin user with your admin account. something like this;
pwpolicy -a jhfc-adm -u usertoforcechange -setpolicy "newPasswordRequired=1"



I'm assuming that jhfc-adm is your admin account

Reply


Terms & ConditionsCookie settings