Help

User password change inventory

Go to solution
Eskobar
Contributor

Posted on ‎03-28-2022 08:48 AM

Hi,

We need to have a log in jamf showing users change of their password.

This is requested for AD mobile accounts and especially for local accounts.

Jamf cannot make it natively.

Any idea on how to make using script, custom extension or else ?

Thanks

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
robjschroeder
Contributor

Posted on ‎03-31-2022 09:51 PM

Hey Eskobar, 

I don't know if this is what you're looking for, but I made an extension attribute to grab the last password change for the last logged in user. Here you go, I hope it helps. 

#!/bin/bash

# Extension attribute to grab the last password
# change for the last logged on user

# Created 3.31.2022 @robjschroeder

# Grab the last logged in User
lastLoggedInUser=$( defaults read /Library/Preferences/com.apple.loginwindow lastUserName )
# Get the password change date of that User
lastPWChange=$( date -r $(dscl . -read /Users/$lastLoggedInUser accountPolicyData |
	tail -n +2 |
	plutil -extract passwordLastSetTime xml1 -o - -- - |
	sed -n "s/<real>\([0-9]*\).*/\1/p"))

echo "<result>$lastPWChange</result>"

exit 0

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
robjschroeder
Contributor

Posted on ‎03-31-2022 09:51 PM

Hey Eskobar, 

I don't know if this is what you're looking for, but I made an extension attribute to grab the last password change for the last logged in user. Here you go, I hope it helps. 

#!/bin/bash

# Extension attribute to grab the last password
# change for the last logged on user

# Created 3.31.2022 @robjschroeder

# Grab the last logged in User
lastLoggedInUser=$( defaults read /Library/Preferences/com.apple.loginwindow lastUserName )
# Get the password change date of that User
lastPWChange=$( date -r $(dscl . -read /Users/$lastLoggedInUser accountPolicyData |
	tail -n +2 |
	plutil -extract passwordLastSetTime xml1 -o - -- - |
	sed -n "s/<real>\([0-9]*\).*/\1/p"))

echo "<result>$lastPWChange</result>"

exit 0
0 Kudos

Go to solution
Eskobar
Contributor

Posted on ‎04-06-2022 01:14 AM

Hi @robjschroeder 

Script works just fine.

Jamf can now get password changes for binded/mobile accounts.

Thanks for the great help.

Kudos

0 Kudos

Go to solution
Eskobar
Contributor

Posted on ‎04-08-2022 05:33 AM

Hi @robjschroeder 

The  extension attribute is grabbing only 20% of all macs.

Many of them are networked with recent last check in/Last Inventory Update. However, the extension remains empty ! 

Any idea ?

Regards,

0 Kudos