Standard a/c get changed to Admin a/c automatically on Managed mac.

New Contributor III

The Standard Account on managed Mac get changed to Admin Account without any change done from Jamf Admin.

User do not have a way to get default admin password to make changes to his account.

And, I've already run a script to change the standard account to admin and next day again the account got changed to admin.
Not sure what changes took place or what might have caused this change.

It would be much appreciated if I can get some input on this.


Honored Contributor II

If you have access to the logs on the Mac you should be able to track down the event that recorded when the account was promoted to admin. Once you have that event you can usually find the related events and one of them should tell you what account gave the secure and bootstrap token.

New Contributor III

Well Thank you for the suggestion.
However, do we have any script that I can run from jamf console to view the result.

Directly or Indirectly we would not be able to run any command on User's machines.

Contributor II

Maybe unrelated but you never know. I worked at a place where all the Macs were AD bound. Someone used the 'Manage By' AD tab and added the device users ID number. This automatically made those users admin on the device. You can't reverse it by removing the username from the tab, you have to use other methods to set them back to standard user.