Change password for next user to be created

New Contributor II

Hello, I am looking for a way to run a script that requires new standard user accounts to reset their passwords, even before those accounts are created. Basically, I want the admin account to be able to create the account, set a temporary password, then when the standard user signs into that account for the first time with the temporary password they are immediately asked to change it. All I have seen so far requires the account to have created or signed into first.

We are using model 2020 M1 Macbooks


New Contributor III

Use "changeAtNextAuth" in your password policy/Configuration Profile.

Once the user is created and the created user account wants to log in with the temp password, the user will be asked to change the password.


I tired

pwpolicy -a admin -setglobalpolicy "changeAtNextAuth=true"

and had no luck.