While it would be nice for users change their password in System Preferences—>Users & Groups so it updates their login.keychain, the reality is we require users to update their password through a webpage that we know propagates to all our systems. The biggest downfall to this process is their keychain don’t get updated automagically. So to make life easier for our users I'm working on an Self Service item that uses AppleScript to automatically open the Keychain Access—>"Change Password for Keychain 'Login’…” box so users can easily update their Keychain.
I have the script working with one caveat. It works as long as when Keychain Access opens it was last on the “Login” keychain and it is unlocked. If Keychain Access is on the System keychain, or System Roots, etc. then it will fail. I’ve played around a lot trying to figure how to get AppleScript to switch to the login keychain but knowing very little about AppleScript I'm not getting it to work
Does anyone know how to get “Login” selected if it is not initially?
tell application "Keychain Access" to activate
tell application "System Events"
tell process "Keychain Access"
click menu item "Change Password for Keychain “Login”…" of menu "Edit" of menu bar 1
end tell
end tell
Side note(s): 1. I've tried opening the ~/Library/Keychains/login.keychain file after the Applescript opens Keychain Access It will then select it but it’s not consistent as the keychain will be locked. 2. I've also thought about using the ‘security’ CL mixed with CocoaDialog but the built in popup box Apple provides is a much nicer user experience IMHO. :)
Thanks!