Has anyone run into a situation where their users are prompted to change their password without a password expiration being defined in a policy? We had a policy last fall as we were onboarding with a new MSP that runs out Jamf instance, but that policy was disabled and the scope was changed to 0. I checked the Change Management Log and nothing jumps out at me. I checked the history of the impacted users and there's nothing new running. It's really bizarre. Any ideas on what could be causing this? It doesn't seem to be universal (at least not yet), but is impacting a good number of our users.
Have you looked into the effected Mac's jamf.log file to see if anything is running? Also, are the user accounts local or managed (domain bound). If the user accounts are no longer managed by the policy how are they managed then?
We think we figured out the issue. We had a password expiration policy set about 5-6 months ago. It wasn't disabled properly, scope wasn't changed, and it wasn't deleted. Apparently, today was the expiration date. There was nothing in the logs to show that anything was running beyond the inventory.