search

joshua-d-miller / macOSLAPS

Swift binary that will change a local administrator password to a random generated password. Similar behavior to LAPS for Windows
MIT License
382 stars 57 forks source link

Suggestion: Native Password Verification #94

Open PicoMitchell opened 1 year ago

PicoMitchell commented 1 year ago

At https://github.com/joshua-d-miller/macOSLAPS/blob/a906d5bb7a16d872864c223276123dbf904e55d8/macOSLAPS/main.swift#L81 the native verifyPassword OpenDirectory method could be used instead of shelling out to dscl . -authonly.

The setup required to use this method would be very similar to what is already done when using the changePassword method at https://github.com/joshua-d-miller/macOSLAPS/blob/a906d5bb7a16d872864c223276123dbf904e55d8/macOSLAPS/Password%20Tools/LocalPasswordTools.swift#L56 but you would need to use kODNodeTypeAuthentication instead of kODNodeTypeLocalNodes.

joshua-d-miller commented 5 months ago

I believe this is addressed in the current prerelease. Please test and let me know.

Thanks!

PicoMitchell commented 5 months ago

Awesome, thank you! I will not be able to test though. Feel free to close the issue if you've deemed it fixed.

joshua-d-miller commented 5 months ago

I will close this after 4.0.0.0 becomes a full release