NU-ITS / LAPSforMac

Local Administrator Password Solution for Mac
MIT License

Change password policy log shows error, but works. #1

Closed danshaw closed 7 years ago

danshaw commented 8 years ago

Thanks so much for posting this set of scripts and workflow. In my testing it is working great, but I wanted to ask one question regarding the output log in Casper when the policy runs to change the password of an existing admin account.

The script runs and works, but I get an error for some reason in the log. Not sure why.

Executing Policy LAPS for localadmin
Running script LAPS...
Script exit code: 0
Script result: unable to write 'random state'
localadmin is a local user on the Computer
A Password was found in LAPS.
Password stored in LAPS is correct for localadmin.

Updating password for localadmin.

There was an error.

Error changing password for localadmin

New password for localadmin is verified.
463LAPS password for localadmin is verified.
LAPS Update Finished.

predfern commented 7 years ago

Hi danshaw,

Looks like it is having an issue with the RunLAPS function.

RunLAPS (){
    ScriptLogging "Running LAPS..."
    # No stored password: force the reset without supplying the old one.
    if [ "$oldPass" == "" ]; then
        ScriptLogging "Current password not available, proceeding with forced update for $resetUser."
        echo "Current password not available, proceeding with forced update."
        # Quote every expansion so passwords containing spaces or glob characters stay one argument.
        "$jamf_binary" resetPassword -username "$resetUser" -password "$newPass"
    else
        # Stored password known: reset and update the login keychain as well.
        ScriptLogging "Updating password for $resetUser."
        echo "Updating password for $resetUser."
        "$jamf_binary" resetPassword -updateLoginKeychain -username "$resetUser" -oldPassword "$oldPass" -password "$newPass"
    fi
}

If it is successfully changing the password but still reporting an error, it is possible that the -updateLoginKeychain is tripping up the process. Would you please try running this portion manually on an affected machine and let me know the results?

"$jamf_binary" resetPassword -updateLoginKeychain -username "$resetUser" -oldPassword "$oldPass" -password "$newPass"

Also, would you be able to send me a local log, found at /Library/Logs/Casper_LAPS.log, from one of the affected machines? That records additional information that is not sent to the JSS.

Thanks!
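An added example, not part of the thread or of the LAPSforMac script: one way to separate "the reset command reported an error" from "the password did not change", which is the mismatch the log above shows. The names `classify_reset`, `reset_with_jamf`, `verify_with_dscl`, `RESET_CMD` and `VERIFY_CMD` are hypothetical, and `jamf_binary` is assumed to be set as in the script.

```shell
#!/bin/bash
# Added example, not LAPSforMac code. Classifies a reset by combining the
# reset command's exit status with an independent check of the new password.
# RESET_CMD and VERIFY_CMD are hypothetical hooks so the commands can be swapped.

# Default reset: the jamf call quoted in the thread (jamf_binary assumed set).
reset_with_jamf() {    # args: user old new
    "$jamf_binary" resetPassword -updateLoginKeychain \
        -username "$1" -oldPassword "$2" -password "$3"
}

# Default verify: dscl -authonly exits 0 only if the credentials authenticate.
verify_with_dscl() {   # args: user password
    /usr/bin/dscl /Local/Default -authonly "$1" "$2" >/dev/null 2>&1
}

RESET_CMD=${RESET_CMD:-reset_with_jamf}
VERIFY_CMD=${VERIFY_CMD:-verify_with_dscl}

# Prints one of: changed | changed_with_error | unchanged_error | unchanged_silent
classify_reset() {     # args: user old new
    local user="$1" old="$2" new="$3" rc=0 out
    # Capture output and exit status separately; "|| rc=$?" keeps set -e quiet.
    out=$("$RESET_CMD" "$user" "$old" "$new" 2>&1) || rc=$?
    # Diagnostics go to stderr; the password arguments are not logged.
    printf 'reset rc=%s output=%s\n' "$rc" "$out" >&2
    if "$VERIFY_CMD" "$user" "$new"; then
        # New password authenticates: a non-zero rc came from a side step.
        [ "$rc" -eq 0 ] && echo changed || echo changed_with_error
    else
        # New password does not authenticate: the reset itself failed.
        [ "$rc" -ne 0 ] && echo unchanged_error || echo unchanged_silent
    fi
}
```

A `changed_with_error` result matches the situation reported here; `unchanged_silent` is the case to alert on, because the stored password would then be wrong.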