Local Users Not Allowed to Log In

Question

Hi everyone,I work for a High School and I'm having a hard time figuring out the root of this issue. They authenticate via Google, then type their local password, to get an error message saying  "You are not allowed to log in at this time". Though, this is working on a few users of the same groups and all, so the inconsistency is throwing me for a loop. When I call for JamfConnectLogin.log, I get: authorizationhosthelper.x86_64[4394:7709] [com.jamf.connect.login:KeychainAdd] Tried to get the login name but couldn't find it. macOS Version: 11.6.0JamfConnect 2.6 Anyone have any ideas? Would be much appreciated.

rabbitt · Accepted Answer

Look for a configuration profile applied to the machine with a Login Window payload. Under Access, there is an option to deny login for any local users:

This may have been applied to the machine if it was once bound to an on-premises Active Directory server. Turn the first option - "Local-only users may log in" - back on OR unscope the config profile from target machines.

Nailed it! I had set an inactivity log-out under "options" in that config, and had that "Local-only users may log in" setting turned off. Appreciate you!

nwebster · Answer

Look for a configuration profile applied to the machine with a Login Window payload. Under Access, there is an option to deny login for any local users:

This may have been applied to the machine if it was once bound to an on-premises Active Directory server. Turn the first option - "Local-only users may log in" - back on OR unscope the config profile from target machines.

Nailed it! I had set an inactivity log-out under "options" in that config, and had that "Local-only users may log in" setting turned off. Appreciate you!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded