Solved

User password change inventory

Forum|Forum|3 years ago
March 28, 2022
3 replies
21 views

E

+6

Eskobar
Contributor

Hi,

We need to have a log in jamf showing users change of their password.

This is requested for AD mobile accounts and especially for local accounts.

Jamf cannot make it natively.

Any idea on how to make using script, custom extension or else ?

Thanks

Best answer by robjschroeder

Hey Eskobar,

I don't know if this is what you're looking for, but I made an extension attribute to grab the last password change for the last logged in user. Here you go, I hope it helps.

#!/bin/bash

# Extension attribute to grab the last password
# change for the last logged on user

# Created 3.31.2022 @robjschroeder

# Grab the last logged in User
lastLoggedInUser=$( defaults read /Library/Preferences/com.apple.loginwindow lastUserName )
# Get the password change date of that User
lastPWChange=$( date -r $(dscl . -read /Users/$lastLoggedInUser accountPolicyData |
	tail -n +2 |
	plutil -extract passwordLastSetTime xml1 -o - -- - |
	sed -n "s/<real>\\([0-9]*\\).*/\\1/p"))

echo "<result>$lastPWChange</result>"

exit 0

R

+15

robjschroeder
Jamf Heroes
Answer
Forum|Forum|3 years ago
April 1, 2022

Hey Eskobar,

I don't know if this is what you're looking for, but I made an extension attribute to grab the last password change for the last logged in user. Here you go, I hope it helps.

#!/bin/bash

# Extension attribute to grab the last password
# change for the last logged on user

# Created 3.31.2022 @robjschroeder

# Grab the last logged in User
lastLoggedInUser=$( defaults read /Library/Preferences/com.apple.loginwindow lastUserName )
# Get the password change date of that User
lastPWChange=$( date -r $(dscl . -read /Users/$lastLoggedInUser accountPolicyData |
	tail -n +2 |
	plutil -extract passwordLastSetTime xml1 -o - -- - |
	sed -n "s/<real>\\([0-9]*\\).*/\\1/p"))

echo "<result>$lastPWChange</result>"

exit 0