Changing any local account passwords with Jamf tools (jamf resetPassword command and Reset Password in Jamf remote) no longer work in 10.14.0. They work fine in previous OS versions. Other methods of changing passwords via scripts delivered by Jamf no no longer work either. I saw another post about Managed Accounts passwords could not be changed, https://www.jamf.com/jamf-nation/discussions/29518/managed-account-password-could-not-be-changed, but it seems to affect all accounts. Using other methods outside of secure token (sysadminctl) seem to fail as well when delivered by scripts in Jamf.
Question
Change Password tools Broke in 10.14.0
+3
+15Using sysadminctl works great in a policy, but you do need to test for your environment to see what works best.
Here’s an example that uses a LAPS password value to reset, but in general you could use this generic reset script
+7Additionally,
The sysadminctl command doesn't output proper return codes. So even if the command fails with the standard "Operation is not permitted without secure token unlock.", the exit code is still 0 and always is 0 which is bad. (At least in 10.13)
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.