search

joshua-d-miller / macOSLAPS

Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows
MIT License
384 stars 58 forks source link

macOSLAPS 1.0.4 crashes when it cannot connect to the directory server #17

Closed neilmartin83 closed 6 years ago

neilmartin83 commented 6 years ago

Testing the new 1.0.4 pre-release which is working as expected when the DC is reachable, but when not (i.e. on my MacBook at home and I disconnect the VPN/disable Wi-Fi), it crashes with nothing written to /Library/Logs/macOSLAPS.log. The password for the local admin account is not changed, which is good.

Here's the output:

Fatal error: 'try!' expression unexpectedly raised an error: Error Domain=com.apple.OpenDirectory Code=2100 "Connection failed to node '/Active Directory/UEL/uel.ac.uk'" UserInfo={NSLocalizedDescription=Connection failed to node '/Active Directory/UEL/uel.ac.uk', NSLocalizedFailureReason=Connection failed to the directory server.}: file /BuildRoot/Library/Caches/com.apple.xbs/Sources/swiftlang/swiftlang-900.0.74.1/src/swift/stdlib/public/core/ErrorType.swift, line 181 Illegal instruction: 4

And a crash report:

macOSLAPS_2018-03-15-095820_DLEB285-17096.crash.zip

Version 1.0.3 reports Error|Thu Mar 15, 2018 10:20:39 AM|macOSLAPS|Unable to connect to Active Directory under the same conditions.

joshua-d-miller commented 6 years ago

I'll take a look at this tonight. Sorry it has taken so long to look at this.

joshua-d-miller commented 6 years ago

Please try the new build I posted and let me know your results.

neilmartin83 commented 6 years ago

@joshua-d-miller looks good!

VPN connected: Info|Mon May 07, 2018 09:10:36 PM|macOSLAPS|Password change is not required as the password for ladmin does not expire until Wed Jun 06, 2018 09:10:32 PM

VPN disconnected: Debug|Mon May 07, 2018 09:10:51 PM|macOSLAPS|Active Directory Node not available. Make sure your Active Directory is reachable via direct network connection or VPN.

And a -resetPassword for good measure


Info|Mon May 07, 2018 09:10:32 PM|macOSLAPS|Password change has been completed for local admin ladmin. New expiration date is Wed Jun 06, 2018 09:10:32 PM
Debug|Mon May 07, 2018 09:10:32 PM|macOSLAPS|Keychain does not currently exist. This may be due to the fact that the user account has never been logged into and is only used for elevation...```