Jamf Nation Community

I should have been more clear in my post. @Sonic84 I'm using the options in a policy under Management Account "tab" to "Specify New Password". This is how I've done it in the past. And I don't think I can encapsulate the password in slashes or quotes (single or double) via the policy tabs.

I know I can use a script or QuickAdd to do this, but I've alway done it using the policy method. It's nice and simple and just requires changing the password in the policy and flushing the logs. Easy peasy lemon squeezy. :-)

And one more thing. I believe this was working in 9.62, because I have a few machines that the password change took effect on, and those were ones that ran before I upgraded to 9.63.

That's interesting.

I have a bug report in with our acct mgr on something similar. We noticed a Quick Add package with Recon that had a $ in the password would also cause issues. 9.62 didn't seem to have issues. I haven't updated our test environment yet to see how 9.64 behaves. Looks like tomorrows project.

Haha I remember yelling at a few employees over this a few years back. I defer to the rule don't use "$" in passwords. They don't play nice. My suggestion is to script it or change the password. I scripted it with just use the backslash before the $.

Ugh, yes, we just upgraded to 9.63 over the weekend, and I am seeing this issue too. It was working fine in 9.61, hopefully it's fixed in 9.64 so I can do an emergency upgrade.

I can verify this because we just changed a password that is managed by this feature about a month ago, and it contains a $ (not the management account password, a local account). Passwords that have already been set are OK, but the feature simply is failing to change the password now.

Just FYI, I've got a ticket open with JAMF support about an issue with changing management passwords in 9.63- if the policy is set to create a password of the maximum length, it ALSO fails to change the password.
For now, we've switched over to generating a random password using openssl.

I heard back from support this morning, and this is a known issue with an open defect (D-008512). I'm going to get around it using a QA package since that will update the JSS with the appropriate info and is nice and easy to complete.

This is also in play if you have a policy to randomly generate new passwords. If the random password has a $ character in it, connecting via casper remote will fail.
I confirmed this bug with the support staff yesterday. Their recommendation was to switch from a random password to a static password without a $.