joshua-d-miller / macOSLAPS

Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows
MIT License

Password Policy #60

Closed. pwbourne closed this 1 year ago

pwbourne commented 3 years ago

Hello. First, this is a good tool, thank you. I have noticed an issue. I am using it in Local mode. I have a password policy applied by MDM that requires alpha, number and symbol characters.

I have noticed that macOSLAPS will sometimes generate a password that has no numbers. This gets rejected by the local policy, but macOSLAPS thinks it has set the password. This causes it to fail to change the password on future runs.

It would be good if there was an option to tell macOSLAPS that a password must contain alpha, numbers, symbols and mixed case.

wegotoeleven commented 2 years ago

I would like to add to this to request a key to ensure that characters aren't repeated in the generated password too, if possible!

joshua-d-miller commented 2 years ago

Hello @pwbourne and @wegotoeleven!

I like this suggestion and I'm sorry you are having issues with the password. This might go hand in hand with a previous request about being able to specify a FirstPass command argument to restart rotation. I'm also hoping to get some time over the holidays to work on this project. I'll definitely investigate the password policy issues. Thank you for bringing them to my attention.

Thanks!

wegotoeleven commented 2 years ago

Oh man that's great news! Looking forward to these, and please hit me up if you need any testers!

joshua-d-miller commented 2 years ago

A password policy has been implemented in the prerelease. Please give it a try and let me know: https://github.com/joshua-d-miller/macOSLAPS/releases/tag/3.0.0(752)

cashxx commented 2 years ago

Oh... just ran into this issue myself! I'm also being hit by "Not have two consecutive, or three sequential characters" in a policy! The policy has:

- Not be the same as the previous 2 passwords
- Enter a password that is four characters or more
- Contain at least one number and one alphabetic character
- Contain at least 8 characters
- Not have two consecutive, or three sequential characters
- Contain at least one non-alphanumeric character, such as '.`!@#$^&_-+=|(){}[];:/<>,.?

joshua-d-miller commented 2 years ago

I believe this is something specific to Intune, right?

cashxx commented 2 years ago

My issue is with Intune. The password policy I thought was pretty common password requirements and had a similar setup with Airwatch and AD. Also thought these were Apple based configuration settings that any MDM can set if they support them.

joshua-d-miller commented 2 years ago

@cashxx There is a new password policy in the release candidate of LAPS that you could configure to match your password policy in Intune; however, it does not currently support the consecutive-characters or sequential-characters rules. Let me know how it works out for you.
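The failure mode in this thread is a generator that produces a password the OS policy then rejects, while the tool records the rotation as successful. The safe pattern is to validate the candidate against the same rules the MDM enforces before attempting to set it, and to fail loudly instead of silently when no compliant candidate is found. The Python below is an added illustration written for this page, not code from macOSLAPS or from anyone in the thread. It models the Intune policy quoted above (character classes, minimum length, history depth) plus the two rules the maintainer says the release candidate does not yet cover: "two consecutive" is interpreted as two identical characters in a row, and "three sequential" as three characters whose code points step by one in either direction. The policy dictionary, the symbol set and that interpretation are assumptions.

```python
import secrets
import string

# Assumed policy, modelled on the Intune requirements quoted in the thread.
# "Consecutive" is read as identical characters back to back and
# "sequential" as adjacent code points in either direction ("abc", "321").
POLICY = {
    "min_length": 8,
    "require_alpha": True,
    "require_digit": True,
    "require_symbol": True,
    "max_identical_run": 1,   # two identical characters in a row is a violation
    "max_sequential_run": 2,  # three sequential characters is a violation
    "history_depth": 2,       # must differ from the previous two passwords
}

# Assumed symbol set; the list quoted in the thread is garbled at both ends.
SYMBOLS = ".!@#$^&_-+=|(){}[];:/<>,?`"
ALPHABET = string.ascii_letters + string.digits + SYMBOLS


def longest_identical_run(pw: str) -> int:
    """Length of the longest run of one character repeated back to back."""
    best = run = 0
    for i, ch in enumerate(pw):
        run = run + 1 if i and pw[i - 1] == ch else 1
        best = max(best, run)
    return best


def longest_sequential_run(pw: str) -> int:
    """Length of the longest run whose code points step by exactly +1 or -1."""
    best = 0
    for direction in (1, -1):
        run = 0
        for i, ch in enumerate(pw):
            run = run + 1 if i and ord(ch) - ord(pw[i - 1]) == direction else 1
            best = max(best, run)
    return best


def check_policy(pw: str, history=(), policy=POLICY) -> list:
    """Return the names of the rules the candidate violates; empty means it passes."""
    problems = []
    if len(pw) < policy["min_length"]:
        problems.append("too_short")
    if policy["require_alpha"] and not any(c.isalpha() for c in pw):
        problems.append("no_alpha")
    if policy["require_digit"] and not any(c.isdigit() for c in pw):
        problems.append("no_digit")
    if policy["require_symbol"] and not any(c in SYMBOLS for c in pw):
        problems.append("no_symbol")
    if longest_identical_run(pw) > policy["max_identical_run"]:
        problems.append("consecutive_identical")
    if longest_sequential_run(pw) > policy["max_sequential_run"]:
        problems.append("sequential_run")
    # Only the most recent history_depth entries count, matching "previous 2 passwords".
    if pw in list(history)[-policy["history_depth"]:]:
        problems.append("in_history")
    return problems


def generate_password(length=16, history=(), policy=POLICY, max_attempts=10_000) -> str:
    """Rejection-sample uniformly random strings until one passes every rule.

    Sampling then validating keeps the result unbiased among compliant strings;
    forcing one digit or symbol into a fixed position would not. Raising when
    nothing compliant is found is the behaviour the original issue was missing:
    the caller must never record a rotation it did not verify.
    """
    for _ in range(max_attempts):
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_policy(candidate, history, policy):
            return candidate
    raise RuntimeError("no compliant password found; policy may be unsatisfiable")


if __name__ == "__main__":
    previous = ["aB3$kL9!", "Q9!k7#Wm"]          # constructed sample history
    for bad in ("Passw0rd!", "abc12!XY", previous[-1]):
        print(f"{bad!r}: {check_policy(bad, previous) or 'ok'}")
    print("generated:", generate_password(20, previous))
```

Running the module prints the violation names for the constructed rejects and then a compliant 20-character password. A rotation tool would call `check_policy` on its candidate before the `dscl` or `sysadminctl` step, and treat a non-empty result, or a rejected set attempt, as a hard failure rather than advancing the stored expiry.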

joshua-d-miller commented 1 year ago

There is now a password policy in the latest release of macOSLAPS. Please give it a try and let me know the results.