pycreateuserpkg icon indicating copy to clipboard operation
pycreateuserpkg copied to clipboard
verified publisher icon gregneagle

Feature Request: Force password change at first login

Open serrc-techops opened this issue 5 years ago • 2 comments

Being able to force a password change at first login would be a handy feature when creating a user account using a generic password.

I've experimented with doing this in macOS 10.15.6 using a com.apple.mobiledevice.passwordpolicy profile though it appears that payload can only be applied to an individual user when that user is currently logged in.

serrc-techops avatar Sep 17 '20 19:09 serrc-techops

This is not a feature I need, nor one I know how to implement. I'd be happy to review a Pull Request that implemented such functionality. Installing a config profile using the profiles command is a dead-end, though, since that functionality is removed in Big Sur.

gregneagle avatar Sep 17 '20 19:09 gregneagle

@serrc-techops The following won't help you except prevent you wasting time.

macOS has a pwpolicy command you could run in a script via which in theory you can trigger the need for the user to change their password on next login. Unfortunately Apple broke this in Catalina, in Catalina if you use it it screws up the user account and this then requires resetting the password via a normal mechanism e.g. System Preferences from another admin account.

jelockwood avatar Sep 17 '20 19:09 jelockwood