Help

Keychain Management (Admin Account)

Go to solution
joemamasmac
New Contributor III

Posted on ‎11-20-2013 12:21 PM

Hello All,

I am wondering if anyone else is having problems with keychain access and the management account? We image most of our machines via a master image. We use the latest hardware available to make the image and then push to other machines. We also create an Admin account that we then change the password on every 6 months.

My problem is with the Admin account. When we initially image the machine, it has the default password used when we create all images. When we use Casper to change the administrative password on all machines, we constantly get a prompt when logging in to unlock the keychain. Most of my users don't know the "default password", they know the current password that is set for the next 6 months.

I am wondering if there is a way for me to disable these messages for the admin account. If you simply click cancel, you get the error message over and over.

Joe

0 Kudos
Reply
1 ACCEPTED SOLUTION

Go to solution
nessts
Valued Contributor II

Posted on ‎11-20-2013 12:36 PM

in the policy that changes the password add a rm /Users/admin/Library/Keychain/login.keychain
to the execute command section of your policy, which is under files and processes on the 9.x JSS and Advanced on 8.x

View solution in original post

0 Kudos
Reply
4 REPLIES 4

Go to solution
nessts
Valued Contributor II

Posted on ‎11-20-2013 12:24 PM

remove login.keychain from your image. remove it every time you change the password. not sure why you would want an admin account to have saved passwords if you are giving it out.

0 Kudos
Reply

Go to solution
joemamasmac
New Contributor III

Posted on ‎11-20-2013 12:31 PM

I really have no reason to have saved passwords on the image that we deploy. Would this just be a matter of deleting it from the Master before I image, or is there another way to automate this process each time the admin password is updated?

Joe

0 Kudos
Reply

Go to solution
nessts
Valued Contributor II

Posted on ‎11-20-2013 12:36 PM

in the policy that changes the password add a rm /Users/admin/Library/Keychain/login.keychain
to the execute command section of your policy, which is under files and processes on the 9.x JSS and Advanced on 8.x

0 Kudos
Reply

Go to solution
joemamasmac
New Contributor III

Posted on ‎11-20-2013 12:57 PM

That looks like it would work, thanks for your help and quick reply.

Joe

0 Kudos
Reply