Jamf Nation Community

user-pVcDTGvoEV · ‎12-14-2021

Hi All,

I created a Pre-Stage Enrollment that includes a local administrator account on all of the MacBooks in the Pre-Stage enrollment. I now want to update that admin password on all of the affected devices.

I have updated the password on the Pre-Stage Enrollment but I am not sure that will change the MacBooks that are already setup.

Is there a process to update that local admin password (silently hopefully) that I am overlooking?

YanW · ‎12-14-2021

maybe this

dscl . -passwd /Users/yourlocaladmin oldpassword newpassword

View solution in original post

YanW · ‎12-14-2021

maybe this

dscl . -passwd /Users/yourlocaladmin oldpassword newpassword

user-pVcDTGvoEV · ‎12-14-2021

Thanks for the reply

Is this something I can run remotely through JAMF for the devices for where I can push it down?

YanW · ‎12-14-2021

Maybe "Files and Processes" in a new policy, put that command in "Execute Command".

user-pVcDTGvoEV · ‎12-15-2021

Thanks for this update. I have listed that command in a policy as you specified and forced it to update at check-in & at user login to make sure its going to be pushed down.

Gabriel1 · ‎01-18-2022

When I try this, I get:

DS error: eDSAuthPasswordQualityCheckFailed

<dscl_cmd> DS Error: -14165 (eDSAuthPasswordQualityCheckFailed)

Any ideas?

YanW · ‎01-19-2022

Do you have any passcode requirement set in Configuration Profile? If no, then I don't know. You can try changing password using "Local Accounts" or "Management Accounts" payloads in policies.

respinoza · ‎06-14-2022

quick question, my admin's password has spaces in between how can I keep it all together so the command looks at it like one "word"?

Tribruin · ‎12-14-2021

If you don't need or care about a Keychain or FileVault for the administrator you could use a policy with the local account option and do a Reset Password.

But, if you know the password, I would script the password change as @YanW mentioned above.

mmcallister · ‎12-14-2021

If it is also the management account, there is a payload for this in Computer Policies.

Tildo · ‎02-17-2022

Am I correct in say, if you use the management account payload in Computer policies this will not change the filevault2 password?

mmcallister · ‎02-17-2022

@Tildo In my testing, using this payload changed the password for both login and for Filevault2.

Tildo · ‎02-17-2022

I will give it a test. Thanks

Tildo · ‎02-18-2022

So I just wanted to update on this. We have the managed account, which gets added during the prestage. We also have a local admin account which the desktop support team use to login when a user has issues. What I want to do is reset the local administrator account to a more secure password. I am guessing this would need to be done via the script using the 'Files and Processes' payload?

mmcallister · ‎02-18-2022

@Tildo Yes, that's correct.

Jamf Nation Community

Is it possible to update an Administrator password created through PreStage Enrollment