Posted on 08-21-2018 01:53 AM
Hi nation,
I'm currently using NoMAD in my Jamf environment, but the local password sync doesn't seem to be doing its job. When the password has been changed, I would assume that NoMAD at the least would prompt for a password change after a reboot, or even a logout/login event (of macOS), however it doesn't. The only time I can trigger a prompt is when I force sign out on NoMAD and log back in. Why does it not sync the passwords at macOS login when it starts? Is it working the way it's supposed to?
Here is my preferences file:
{
HidePrefs = YES;
SecondsToRenew = 7200;
GetHelpOptions = SECRET
PasswordExpireCustomAlert = "Password expiring soon";
DontShowWelcomeDefaultOn = YES;
HideSignOut = YES;
HideRenew = YES;
GetHelpType = URL;
ShowHome = YES;
HideLockScreen = YES;
HideAbout = YES;
SignInWindowAlert = YES;
AutoRenewCert = 30;
SignInWindowOnLaunch = YES;
RenewTickets = YES;
ChangePasswordType = URL;
ChangePasswordOptions = SECRET
KerberosRealm = SECRET
RecursiveGroupLookup = YES;
x509CA = SECRET
HideQuit = YES;
Template = "User Auth";
ADDomain = SECRET
UseKeychain = YES;
PasswordExpireAlertTime = 30;
MenuFileServers = "Common Shares";
PersistExpiration = YES;
SignInWindowAlertTime = 300;
LocalPasswordSync = YES;
PasswordExpireCustomAlertTime = 14;
LocalPasswordSyncOnMatchOnly = YES;
DontShowWelcome = YES;
Verbose = NO;
GetCertificateAutomatically = YES;
}
Posted on 08-21-2018 06:09 AM
Are you also running a passcode config profile from Jamf? We had an issue where our AD criteria was more less strict than our Jamf criteria. So when a user would attempt to change their pw from NoMAD, AD would change, but local would not update as it didn't meet the criteria. A way to verify would be to go through the motions of changing your pw from the "classic" Sys Prefs way just to see if you are meeting the local machine's criteria, but before you hit enter. Use that same pw in NoMAD to change your pw.
Posted on 08-22-2018 01:47 PM
If you run NoMAD directly from a terminal
/Applications/NoMAD.app/Contents/MacOS/NoMAD -v
you can see what happens in verbose mode. I had a similar issue and it was because the AD password failed the policy on the Mac as @mojo21221 mentioned, in my case it was in the password history. I raised an issue for it here
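To check the cause named in the two replies above (a password that AD accepts but the Mac's local policy rejects, including on password history), this added example parses `pwpolicy -getaccountpolicies` output and tests a candidate password against the local content rules. It is not code from the thread or from the NoMAD project. The sample output is constructed, and Python's `re` only approximates the ICU regex syntax that macOS evaluates.

```python
import plistlib
import re

# Constructed sample of `pwpolicy -getaccountpolicies` output (not from the thread).
SAMPLE = b"""Getting global account policies
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>policyCategoryPasswordContent</key><array>
  <dict>
    <key>policyContent</key><string>policyAttributePassword matches '.{12,}'</string>
    <key>policyIdentifier</key><string>com.apple.policy.legacy.minChars</string>
  </dict>
  <dict>
    <key>policyContent</key>
    <string>none policyAttributePasswordHashes in policyAttributePasswordHistory</string>
    <key>policyIdentifier</key><string>com.apple.policy.legacy.usingHistory</string>
    <key>policyParameters</key>
    <dict><key>policyAttributePasswordHistoryDepth</key><integer>5</integer></dict>
  </dict>
</array>
</dict></plist>
"""

def local_rules(pwpolicy_output: bytes):
    """Return (identifier, content, parameters) for each password-content rule."""
    start = pwpolicy_output.find(b"<?xml")  # skip the leading status line
    if start < 0:
        return []  # no plist found in the output
    policy = plistlib.loads(pwpolicy_output[start:])
    return [(r.get("policyIdentifier", ""), r.get("policyContent", ""),
             r.get("policyParameters", {}))
            for r in policy.get("policyCategoryPasswordContent", [])]

def check_candidate(password: str, rules):
    """Test simple "matches '<regex>'" rules; report the rest as unchecked."""
    failed, unchecked = [], []
    for ident, content, _params in rules:
        m = re.fullmatch(r"policyAttributePassword matches '(.*)'", content)
        try:
            if m is None:
                unchecked.append(ident)  # e.g. history: needs the stored hashes
            elif re.fullmatch(m.group(1), password) is None:
                failed.append(ident)
        except re.error:
            unchecked.append(ident)  # ICU-only regex syntax Python cannot parse
    return failed, unchecked

if __name__ == "__main__":
    print(check_candidate("short1", local_rules(SAMPLE)))
```

Rules listed as unchecked, such as the history rule, can only be confirmed on the Mac itself, so compare their parameters with the AD policy by hand.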
Posted on 08-22-2018 01:55 PM
MessageUPCAlert perhaps?
https://nomad.menu/help/preferences-and-what-they-do/