Enforce password change only with NoMAD or Jamf Connect

omarluna
New Contributor III

Hey there! Quick question. I am testing NoMAD with quite a success. This is the initial test to then move to Jamf connect with Azure AD. Here is the first challenge I want to solve.

Nomad works great when it comes to password sync and keychain management. However, our users are used to change their passwords via "Security Settings" or Change password from User Preferences.

I noticed that if I change my local password locally and not with nomad, Nomad will still connect and the passwords are now out of sync.

I would like to enforce users somehow to change their passwords via nomad. Not sure if blocking the entire user and security preferences is the best strategy.

Any Ideas? how did you guys deal with this kind of situations? Changing the password locally creates a password miss-match with the AD password that will only resync if the user signs out and signs back in.

Alternatively, I was thinking if there is an extension attribute that I can use to check if NoMAD is synced.

Any help is highly appreciated.

1 ACCEPTED SOLUTION

JPWheatley
New Contributor II

e09c6e70f4fd4748b135b7c3816e9660
You can disable the "Change password" option with a configuration profile . This will then force the user to change the password through NoMad

View solution in original post

2 REPLIES 2

JPWheatley
New Contributor II

e09c6e70f4fd4748b135b7c3816e9660
You can disable the "Change password" option with a configuration profile . This will then force the user to change the password through NoMad

omarluna
New Contributor III

Thank you JP, Adding this to my workflow works