Implement "force password change when the user authenticates"
As per https://support.apple.com/en-ca/guide/deployment/dep4d6a472a/web, Apple has an API for forcing a user password change. This is useful when updating a password policy: passwords that met the old policy but no longer meet the new policy are not evaluated and forced to change. This setting, however, would make it so.
-
Ashley Harvey commented
Currently this has to be done by creating a custom profile via a utility other than Configurator (as of this writing). Upon pushing the "force password update" setting inside a profile and rebooting, the user is prompted for their new password. They can reuse their old password if it meets current password policies (including reuse settings); but must change it if not.
This is perfect except you have to create and push this custom profile. Then you have to manually remove the profile once you've (somehow) verified that people have had a chance to re-auth. I guess the easiest way is to wait a couple of weeks and then make sure uptimes on machines are less than the time you waited - meaning a reboot took place and presumably the user was presented. This is clunky and too manual.
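The profile the comment describes, built directly, plus two ways to decide when it is safe to remove it again. This is an added example, not code from the original post, from the commenter, or from Apple; it assumes the Passcode payload key `changeAtNextAuth` in the `com.apple.mobiledevice.passwordpolicy` payload as documented in Apple's Passcode payload reference (macOS 10.13 and later), and the payload identifiers, organization name, timestamps and the `dscl` output below are constructed. `password_changed_since` reads the `passwordLastSetTime` value that macOS keeps in a user's `accountPolicyData` record (as printed by `dscl . -read /Users/<user> accountPolicyData`), which is a sharper signal than uptime; `rebooted_since` reproduces the commenter's uptime heuristic for comparison.

```python
"""Build the Passcode profile that forces a password change at next
authentication, and decide per user whether that change has happened
so the profile can be retired.

Example code added to this discussion; not from the original post.
Assumptions: Apple's Passcode payload key `changeAtNextAuth`
(com.apple.mobiledevice.passwordpolicy, macOS 10.13+); all identifiers,
names, timestamps and the dscl sample below are constructed.
"""
import datetime as dt
import plistlib
import uuid

PASSCODE_PAYLOAD_TYPE = "com.apple.mobiledevice.passwordpolicy"


def build_profile(min_length=12, pin_history=5,
                  identifier="com.example.force-password-change",  # hypothetical
                  org="Example Corp"):                              # hypothetical
    """Return a .mobileconfig (XML plist) as bytes."""
    passcode = {
        "PayloadType": PASSCODE_PAYLOAD_TYPE,
        "PayloadVersion": 1,
        "PayloadIdentifier": identifier + ".passcode",
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "Passcode policy",
        # The tightened policy that existing passwords may no longer satisfy.
        "minLength": min_length,
        "pinHistory": pin_history,
        "requireAlphanumeric": True,
        # The setting the request is about: reset the password at next authentication.
        "changeAtNextAuth": True,
    }
    profile = {
        "PayloadType": "Configuration",
        "PayloadVersion": 1,
        "PayloadScope": "System",
        "PayloadIdentifier": identifier,
        "PayloadUUID": str(uuid.uuid4()).upper(),
        "PayloadDisplayName": "Force password change at next authentication",
        "PayloadOrganization": org,
        "PayloadContent": [passcode],
    }
    return plistlib.dumps(profile)


def load_profile(data: bytes) -> dict:
    """Parse a profile back into a dict (to inspect what build_profile emitted)."""
    return plistlib.loads(data)


def password_changed_since(dscl_output: str, pushed_at: dt.datetime) -> bool:
    """Parse `dscl . -read /Users/<user> accountPolicyData` output and report
    whether passwordLastSetTime (epoch seconds) is later than the push time."""
    xml_start = dscl_output.find("<?xml")
    if xml_start < 0:
        return False  # attribute missing or output not a plist: treat as not changed
    policy = plistlib.loads(dscl_output[xml_start:].encode())
    last_set = policy.get("passwordLastSetTime")
    if last_set is None:
        return False
    return dt.datetime.fromtimestamp(float(last_set), dt.timezone.utc) > pushed_at


def rebooted_since(uptime_seconds: float, pushed_at: dt.datetime,
                   now: dt.datetime) -> bool:
    """The commenter's coarser heuristic: uptime shorter than the time since
    the push means the machine rebooted, so the prompt was presumably shown."""
    return uptime_seconds < (now - pushed_at).total_seconds()


# Constructed sample of dscl output (not captured from a real Mac).
SAMPLE_DSCL_OUTPUT = """accountPolicyData:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
\t<key>creationTime</key>
\t<real>1650000000.0</real>
\t<key>failedLoginCount</key>
\t<integer>0</integer>
\t<key>passwordLastSetTime</key>
\t<real>1700000000.0</real>
</dict>
</plist>
"""

# Constructed timestamps: profile pushed 2023-11-01, check run 2023-11-15.
PUSHED_AT = dt.datetime(2023, 11, 1, tzinfo=dt.timezone.utc)   # 1698796800
SAMPLE_NOW = dt.datetime(2023, 11, 15, tzinfo=dt.timezone.utc)


if __name__ == "__main__":
    with open("force-password-change.mobileconfig", "wb") as fh:
        fh.write(build_profile())
    print("password changed since push:",
          password_changed_since(SAMPLE_DSCL_OUTPUT, PUSHED_AT))
    print("rebooted since push (uptime 3 days):",
          rebooted_since(3 * 86400, PUSHED_AT, SAMPLE_NOW))
```

Two caveats when using this. The profile is device-scoped (`PayloadScope` System), and Apple's reference for `changeAtNextAuth` notes that a device profile applies the setting to every user, so admin accounts must also reset their password before admin authentications succeed again; scope the rollout accordingly. And the uptime heuristic only proves a reboot, not that the user authenticated and changed the password; comparing `passwordLastSetTime` per user with the push time is what lets you retire the profile for users who have actually completed the change.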