on our devices (10.10.x) we have two local accounts, one "ITadmin" and one "enduser" (also admin level).
We want to set a password policy that only applies to the enduser account as we need to keep the ITadmin accounts the same.
I've tried creating a configuration profile that is set to be user level with only a password payload configured but it doesn't show as applicable to the scoped devices. If I change to computer level it deploys just fine, but is applied to all the accounts.
I've tried using pwpolicy but I can't get the xml file to be in a readable format to be applied.
there is very little help that I can find on how to make a working xml file for this, the man page is very dodgy to say the least and none of the few examples I can find seem to work.
I don't really want to go down the line of using the deprecated command set as I want them to work on 10.11.
Has anyone got a clear example of a working xml file to feed into pwpolicy?