Help

Configuration Profiles > Password Policy not working on El Capitan

Go to solution
ftiff
Contributor

Posted on ‎11-27-2015 06:32 AM

I created a Configuration Profiles > Password Policy

But this doesn't apply on El Capitan (can't regress), I get this error:

The profile “FTIFF - Password Policy (7A3CE275-B25B-4C13-81F9-F2680A0FC930:7A3CE275-B25B-4C13-81F9-F2680A0FC930)” could not be installed due to an unexpected error. <ProfileDomainPluginController:101>

Here's my XML:

<key>PayloadType</key>
<string>com.apple.mobiledevice.passwordpolicy</string>
<key>PayloadOrganization</key>
<string>FTIFF</string>
<key>PayloadIÇQdentifier</key>
<string>3776AE79-8054-449D-94AA-6E94F9343D2E</string>
<key>PayloadDisplayName</key>
<string>Passcode</string>
<key>PayloadDescription</key>
<string/>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>allowSimple</key>
<false/>
<key>forcePIN</key>
<true/>
<key>maxPINAgeInDays</key>
<integer>90</integer>
<key>minLength</key>
<integer>8</integer>
<key>pinHistory</key>
<integer>12</integer>
<key>requireAlphanumeric</key>
<true/>
<key>maxGracePeriod</key>
<integer>0</integer>
<key>minutesUntilFailedLoginReset</key>
<integer>0</integer>

ffb737ae53174e82ba4557151f57fedd

Someone has same issue?

Found this:

https://discussions.apple.com/message/29224711#29224711

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
gachowski
Valued Contributor II

Posted on ‎11-27-2015 12:35 PM

I couldn't find the thread, but I know it's there I posted in it : )

I think in El Capitan you have to have "Delay after failed login attempts" set or the profile will not load...

Sorry I can't help anymore...
C

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎11-27-2015 07:24 AM

Just tried it, same error on my JSS/Mac.

0 Kudos

Go to solution
gachowski
Valued Contributor II

Posted on ‎11-27-2015 12:35 PM

I couldn't find the thread, but I know it's there I posted in it : )

I think in El Capitan you have to have "Delay after failed login attempts" set or the profile will not load...

Sorry I can't help anymore...
C

0 Kudos

Go to solution
ftiff
Contributor

Posted on ‎11-30-2015 03:45 AM

Well done, @gachowski !

You need:
- Maximum number of failed attempts
- Delay after failed login attempts

See screenshot:
3a319c0475514724a5d718abdb1aac55

Please vote here -> https://jamfnation.jamfsoftware.com/featureRequest.html?id=4209

0 Kudos

Go to solution
cgreid
New Contributor III

Posted on ‎11-30-2015 08:40 AM

I followed these steps and the policy downloaded with no issue on my test laptop. However, whenever I needed to enter my admin password for unlocking the Users Preferences in system preferences, my password was no longer recognized. Is this because my admin password does not meet the criteria I set in the password policy?

As soon as I remove the profile from the test laptop my admin password works again.

0 Kudos