Skip to main content

Admin Password management (MDM Command - macOS)

What

The Admin Password Management featurecommand inlets FileWave allows administrators to remotely change the managed local admin password on eligible macOS devices enrolledthrough viaMDM. Use it for the admin account that FileWave created during Automated Device Enrollment (DEP). This functionality utilizes MDM commands to securely update the admin account passwordDEP/ADE), without requiringneeding physical access to the device. The admin account must have been created during enrollment using DEP profile options.Mac.

When/Why

When to Use:use this:

  • EnhancingSecurity Securityrotation:: RegularlyChange updatemanaged admin passwords toon maintaina strongschedule securitythat protocols.matches your organization's policy.
  • RespondingSuspected toexposure: Security Threats: Immediately changeRotate the admin password if asomeone securitywho breachshould ornot unauthorizedknow accessit ismay suspected.have had access.
  • Staff Changeschanges:: Update passwordsthe password when personnelIT staff with admin access leave theor organization.change roles.
  • PolicyCompliance: Compliance:Keep Enforcelocal passwordadmin changescredentials to complyaligned with organizational security policiesinternal or regulatory password requirements.

Why Useuse Thisthis Feature:feature:

  • Remote Accessibilitypassword reset:: Change the managed admin passwords remotelypassword across multipleselected devices without physical intervention.
Efficiency: Save time by simultaneously updating passwords on numerous devices from a central console. Security Assurance: Reduce the risk of unauthorized access by keeping admin credentials up-to-date. Centralized Management: Maintain control over admin accounts across all DEP-enrolled macOS devicesMacs from FileWave Central. Less hands-on work: Avoid touching each device when the only required change is the local admin password. Controlled access: Keep the managed admin credential current without changing unrelated user accounts.

How

Prerequisites

  • DEPEnrollment: Enrollment:The DevicesMac must be enrolled viathrough Automated Device Enrollment (DEP)DEP/ADE).
  • Apple OS/Hardwarehardware:: DevicesThe device must be an Apple Siliconsilicon macOS systemsMac running macOS 15.0 or higherlater.
  • AdminManaged Accountadmin Creationaccount:: The admin account must have been created during DEPDEP/ADE enrollment using the profile options.

Note that ifIf you create the admin account as required for this featurefeature, thenalso you should consider:review Bootstrap Token Management on macOS .

Steps to Changechange the Adminadmin Passwordpassword

  • In FileWave CentralCentral, select the deviceMac, andthen rightchoose click -> MDM -> Change Admin Password... from the device context menu.

Important Notesnotes

  • EncryptionSecure anddelivery: Security:FileWave Thesends the new password isthrough securely transmitted usingthe MDM protocols.command channel.
  • User Impactimpact:: Changing the admin password maycan affect scriptsscripts, services, or servicesworkflows that still rely on adminthe credentials.old credential.
  • CommunicationTeam communication:: Consider notifyingTell other IT staff aboutwhen the managed admin password changechanges toso preventthey accessdo issues.not keep using the old value.

Common questions

TheIf you are looking for a way to reset a Mac's managed local admin password, rotate a DEP-created admin password, or change an ADE admin account password remotely, use the Change Admin Password ManagementMDM featurecommand empowers administrators to maintain strong security across all DEP-enrolled macOS devices efficiently. By leveragingfrom FileWave Central to manage admin passwords remotely, organizations can ensure compliance with security policies, respond swiftly to potential threats, and maintain centralized control over their device fleet.

By utilizing this feature thoughtfully and adhering to best practices, you can significantly enhance your organization’s security posture while streamlining administrative tasks.Central.

Related Content

Back to top