Help

Hidden Admin account with random password how to manage/login?

fimi
New Contributor III

Posted on ‎01-29-2021 07:06 AM

Hello Everyone,

This might sound silly but how do you login do the hidden Admin account with random password on a machine on enrollment? Is the password stored somewhere or can you change the password somewhere before needing to manage the users machine? How does this tie in with FV2?

Thanks.

Labels:
Reply
4 REPLIES 4

Tangentism
Contributor III

Posted on ‎01-29-2021 08:35 AM

Are you not creating a local admin account at enrolment to manage secure token, etc?

bcf1a8289d4c46f88585c497eb9bbff9

0 Kudos
Reply

maiksanftenberg
Contributor II

Posted on ‎01-29-2021 10:07 AM

Did you thought about something like this: https://github.com/joshua-d-miller/macOSLAPS
https://github.com/NU-ITS/LAPSforMac
We do use the 2nd one and find it very useful.

0 Kudos
Reply

fimi
New Contributor III

Posted on ‎01-30-2021 03:31 AM

@Tangentism I'm talking about under user-initiated enrollment where you can select the option to randomize the password. For prestage enrollment you can only put a password. That is correct.

@maik.sanftenberg ah yes I remember LAPS on Windows. This might do.

Reply

francksartori
New Contributor III

Posted on ‎08-14-2021 02:07 AM

You may also test EasyLAPS. I'm the author of this tool which is designed to regularly rotate the local administrator account password of a Mac and store it in a MDM like Jamf Pro or Jamf School.

Reply