reedsam
commented
3 years ago Just to add to this, did a bit more troubleshooting today and it runs fine when I call it via sudo launchctl start edu.psu.macoslaps-check. Just dosen't work via the daemon
Closed reedsam closed 3 years ago
reedsam
commented
3 years ago Just to add to this, did a bit more troubleshooting today and it runs fine when I call it via sudo launchctl start edu.psu.macoslaps-check. Just dosen't work via the daemon
reedsam
commented
3 years ago Today I had a bit more of a dig and managed to get this out of the log file. Any ideas why this may be happening?:
`Info|Thu Dec 10, 2020 06:00:13 pm|macOSLAPS|No Preferred Domain Controller Specified. Continuing...
Info|Thu Dec 10, 2020 06:00:13 pm|macOSLAPS|Password Change is required as the LAPS password for support, has expired
Info|Thu Dec 10, 2020 06:00:13 pm|macOSLAPS|The local admin: support has been detected to have a secureToken. Performing secure password change...
Error|Thu Dec 10, 2020 06:00:13 pm|macOSLAPS|Unable to connect to local directory or change password. Exiting...`
joshua-d-miller
commented
3 years ago Hello @reedsam,
So it seems that your admin account has a secureToken. What that means is in order to change the password, macOSLAPS must know the actual password to the account. If there is not a keychain entry then it would look in a configuration profile or PLIST for the FirstPass key. Once you initiate the change, the new password will be stored in the keychain and used from that point forward.
Thanks!
reedsam
commented
3 years ago Hi Joshua,
Yep you were correct. For some reason it didn't like the password I had in the PList. I amended it and it works great now!
Thanks
Hi,
I have been trying to get this to work and it all works well when i run it manually but when i try to run it via a LaunchDemon i get this error:
Dec 7 21:27:42 *** com.apple.xpc.launchd[1] (edu.psu.macoslaps-check[61937]): Service exited with abnormal code: 1
I am using the default provided .plist