Password Config Profile not applying

steviethetv
New Contributor III

I'm trying to apply a configuration profile with the following items:
- Passcode
- Software Update
- Restrictions
- Login Window
- Security & Privacy
- Energy Saver

When I apply this policy though, users who do not meet the password requirement are not prompted to change their password when they logout/login or reboot.

When I create the config profile with just the passcode payload (no other config profiles are applied), I get the expected behavior, where a user with an invalid password gets prompted to change their password on reboot or login/logout.

Is it possible to have the passcode payload in the same config profile as all the other security settings, or does it need to be its own config profile?

1 ACCEPTED SOLUTION

steviethetv
New Contributor III

Got confused with passwords and how they operate in Macs. I added the following item in a script which is called during enrollment (which can also be triggered any other way) and I was able to get prompts to change the password at next login

user=$(/bin/ls -la /dev/console | /usr/bin/cut -d ' ' -f 4)
pwpolicy -u $user -setpolicy "newPasswordRequired=1"

View solution in original post

1 REPLY 1

steviethetv
New Contributor III

Got confused with passwords and how they operate in Macs. I added the following item in a script which is called during enrollment (which can also be triggered any other way) and I was able to get prompts to change the password at next login

user=$(/bin/ls -la /dev/console | /usr/bin/cut -d ' ' -f 4)
pwpolicy -u $user -setpolicy "newPasswordRequired=1"