Help

Smart Computer Group of Incorrect Management Account Passwords

Jason
Contributor II

Posted on ‎10-20-2014 11:27 AM

Just curious about the possibility of this. We randomize the management account password and every so often I'll be using Casper Remote to access a system and it will fail. I'll then go in and scope a policy to reset the management account password which fixes the issue. It would be nice if I could create a smart computer group which will say if the password the JSS knows about is not working on a machine.

Does anyone have a method to do this? If not, I'll poke around some more and see if I can come up with a way.

0 Kudos
Reply
3 REPLIES 3

jrippy
Contributor III

Posted on ‎10-20-2014 11:58 AM

I would love to know this as well.

0 Kudos
Reply

Jason
Contributor II

Posted on ‎10-27-2014 10:48 AM

Just a mini-update, Reached out to JAMF Support and they didn't have a solution either. Might turn into a feature request.

0 Kudos
Reply

mm2270
Legendary Contributor III

Posted on ‎10-27-2014 11:11 AM

Hmm, tricky, I think those passwords are stored in a hashed field in the JSS. If you pull up a computer's API record, the password for the management account shows up like **
You can easily pull the management account name with the API, but I don't think there's an easy way to decrypt that stored password. I'd imagine JAMF made it difficult on purpose, since the management account password is as good as knowing a root password, so it needs to stay protected for security reasons.
Unless they somehow expose that password via the API, which I highly doubt they will, it doesn't seem like this will be possible.

0 Kudos
Reply