Help

Change Password tools Broke in 10.14.0

MacTool
New Contributor II

Posted on ‎10-18-2018 06:26 AM

Changing any local account passwords with Jamf tools (jamf resetPassword command and Reset Password in Jamf remote) no longer work in 10.14.0. They work fine in previous OS versions. Other methods of changing passwords via scripts delivered by Jamf no no longer work either. I saw another post about Managed Accounts passwords could not be changed, https://www.jamf.com/jamf-nation/discussions/29518/managed-account-password-could-not-be-changed, but it seems to affect all accounts. Using other methods outside of secure token (sysadminctl) seem to fail as well when delivered by scripts in Jamf.

0 Kudos
Reply
3 REPLIES 3

BS071
New Contributor

Posted on ‎02-15-2019 07:05 AM

Has this been confirmed in 10.14.3 to still be an issue?

0 Kudos
Reply

sshort
Valued Contributor

Posted on ‎02-15-2019 07:46 AM

Using sysadminctl works great in a policy, but you do need to test for your environment to see what works best.

Here’s an example that uses a LAPS password value to reset, but in general you could use this generic reset script

0 Kudos
Reply

bsuggett
Contributor II

Posted on ‎08-04-2019 05:14 PM

Additionally,

The sysadminctl command doesn't output proper return codes. So even if the command fails with the standard "Operation is not permitted without secure token unlock.", the exit code is still 0 and always is 0 which is bad. (At least in 10.13)

0 Kudos
Reply