macOSLAPS
NoMAD-2
macOSLAPS | NoMAD-2 | |
---|---|---|
27 | 4 | |
365 | 58 | |
- | - | |
0.0 | 0.0 | |
about 1 year ago | 4 months ago | |
Swift | Swift | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
macOSLAPS
-
Best practice for MacOS control + user experience in Intune. (Autopilot for Macs to Intune)
LAPS isn't natively supported but once again there's a third-party solution
- Simple App to help Mac Admins
-
Mac user password resets
As others have mentioned, a second account with admin privileges might be your best bet. If you're going to go that route, you may want to implement macoslaps along with that. Macoslaps randomizes the local admin password which comes in handy if you need to give the password to someone. It used to be only for Active Directory joined Macs but now can be used without an active directory (via MDM). Here's the link for more info: This goes on the clients - https://github.com/joshua-d-miller/macOSLAPS
-
Anyone know if macOSLAPS will work with the new Windows LAPS update Microsoft just announced?
We use MacOSLAPS on our Mac clients to randomize the admin password on those machines: https://github.com/joshua-d-miller/macOSLAPS
-
The Active Directory team has delivered LAPS natively to Windows 10 & 11, #WindowsServer 2019 & 2022 with this month’s Patch Tuesday!
And that implementation is why when I set this up at $oldJob I set the RemovePassChars key to all ambiguous characters I had run into on the Microsoft product.
-
First Post - a stupidly specific failure
I believe setting something like macOSLAPS up will also resolve the issue since the automatically created local account would authenticate and update it's password silently.
- is it possible to see what account made changes to the system?
-
Need advice for securing company laptops
There are a variety of alternatives, such as https://github.com/joshua-d-miller/macOSLAPS
- Create a standard account, no admin account
- Mac User accounts
NoMAD-2
-
Migrating away from AD Binding: Challanges with Creating Accounts on Shared Macs
K-12 (or higher ed) and shared labs would be my guess. It's really not that bad though, maybe if you had FV2 enabled, but that wouldn't really make sense on a shared computer. To OP - I have close to 500 Macs on Ventura using NoMAD / Login in labs, with 0 issues. Jamf didn't really 'kill it off' - in fact they're still developing NoMAD 2 - https://github.com/jamf/NoMAD-2 - though I don't really have any experience with that. XCreds changed their licensing model so that the latest version is only available as source code. You'd have to package and I believe notarize it yourself. Doable, but more effort than some people would like to spend. You basically buy the precompiled version with a license now. If you buy enough licenses you get better support. XCreds is absolutely dirt cheap compared to Jamf Connect. I'm trying to go the XCreds route myself. NoMAD still *works* but there's no support and it could break anytime. You can't beat free, and it's been great for us for years, saved lots of money. I've been in contact with Tim to get XCreds working with our third-party IdP / SSO (ClassLink).
-
First Mac in Windows Environment
Jamf is actually still maintaining it and working on NoMAD 2: https://github.com/jamf/NoMAD-2
-
Domain Joined Mac Login Issues
That said, it looks like work began a few months ago on a complete rewrite.
- NoMAD Login vs Jamf Connect to avoid July AD bind apocalypse?
What are some alternatives?
LAPSforMac - Local Administrator Password Solution for Mac
NoMAD - Get all of AD, with none of the bind!
access-manager - Access Manager provides web-based access to local admin (LAPS) passwords, BitLocker recovery keys, and just-in-time administrative access to Windows computers in a modern, secure, and user-friendly way.
macOS-enterprise-privileges - For Mac users in an Enterprise environment, this app gives the User control over administration of their machine by elevating their level of access to Administrator privileges on macOS. Users can set the time frame using Preferences to perform specific tasks such as install or remove an application.
ProfileManifestsMirror - Jamf JSON schema manifests automatically generated from ProfileCreator manifests (https://github.com/ProfileCreator/ProfileManifests)
PPPC-Utility - Privacy Preferences Policy Control (PPPC) Utility
nudge - A tool for encouraging the installation of macOS security updates.
MakeMeAnAdmin - Provides temporary admin access for a standard user via Jamf Self Service
santa - A binary authorization and monitoring system for macOS
open-source-mac-os-apps - 🚀 Awesome list of open source applications for macOS. https://t.me/s/opensourcemacosapps
shell-intune-samples - Sample shell scripts for Intune admins.
laps-web - A web site for managing access to local admin passwords managed by Microsoft LAPS