Posted on 01-29-2021 07:06 AM
This might sound silly but how do you login do the hidden Admin account with random password on a machine on enrollment? Is the password stored somewhere or can you change the password somewhere before needing to manage the users machine? How does this tie in with FV2?
Posted on 01-29-2021 08:35 AM
Are you not creating a local admin account at enrolment to manage secure token, etc?
Posted on 01-29-2021 10:07 AM
Did you thought about something like this:
We do use the 2nd one and find it very useful.
Posted on 01-30-2021 03:31 AM
@Tangentism I'm talking about under user-initiated enrollment where you can select the option to randomize the password. For prestage enrollment you can only put a password. That is correct.
@maik.sanftenberg ah yes I remember LAPS on Windows. This might do.
Posted on 08-14-2021 02:07 AM
You may also test EasyLAPS. I'm the author of this tool which is designed to regularly rotate the local administrator account password of a Mac and store it in a MDM like Jamf Pro or Jamf School.