After binding a user through JumpCloud to a Mac system, when the user attempts to authenticate, they receive a message that they must reset their password. No matter the input, the password modification will fail and login will fail (and passwords should be forced through JumpCloud Agent regardless).
Tip: You can apply the Mac Password Modification Policy with the Allow Change Password option cleared to prevent users from changing their passwords from their Mac's System Preferences.
When a password policy profile is attached to the user (Apple menu () > System Preferences > Profiles) and regardless of whether or not the complexity is different from that of JumpCloud, the system will force the user to try and reset their password for compliance, and the user will never be able to successfully login.
The Mac profile needs to be deleted from the system for JumpCloud to successfully manage the local user. You can use JumpCloud's password complexity management for managing your security requirements.
- Click the Apple menu () at the top-right of the screen.
- Select System Preferences...
- Click Profiles.
- In the left-pane under User Profiles, select and highlight the profile that manages password complexity.
- Click the the minus sign ( - ) to delete the profile.