Hi,
On 24 september when macOS Mojave 10.14.0 released i decided to upgrade my own MacBook Pro that was on 10.13.6.
The upgrade was successful and at that moment it seems to be there were no problems at all, until i shutdown my device and booted it up the day after.
When booting, seeing the log-in screen and trying to login with my Managed Mobile Account it will get stuck on the black screen with Apple logo endless.
On our devices we have a local account configured for IT support, and that account is working flawless.
What did i try to solve it;
- Reset PRAM
- Clear user templates
- Clear ~/Library/Preferences
- Rename ./mbr_cache ./mbr_cache-old
- Reinstall macOS Mojave from Recovery (installer 14.0.22)
- Reinstall macOS Mojave from Internet Recovery (installer 14.0.18)
- Disable FileVault 2
- Disk repair
Also grabbbed an other fresh 10.13.6 MacBook Pro, configured my account etc etc and kept it clean as possible, upgraded and same issue appears.
When booting to Safe Mode i am able to login.
Anyone tips or suggestions or having also this issue?
Hello @txhaflaire ,
On my side , I had some issue with Mobile Account with AD.
I've changed Mobile Account to Network Account with the GUI "Force Local Home Directory" from Jamf and works great.
Unbind => Rebind my Mac with the new settings and now can connect perfectly.
Maybe you can try this.
Hi ! @lrabotteau
Can you explain further about the transition from Mobile Account to Network Account, after that change are you still able to log-in when being away from network?
@bjorgvin Thanks for sharing; https://www.reddit.com/r/macsysadmin/comments/9iu5b4/mojave_expired_passwords/
Update; The workaround of changing password so the pop-up windows is not appearing works for now.
2 workarounds.
One is to just turn off the password change notification.
sudo defaults write /Library/Preferences/com.apple.loginwindow PasswordExpirationDays 0
The 2nd was to just login while off the network. Thanks to @andyincali for helping test this and @frogor for the idea to try it.
@ClassicII Thank you for sharing :)
Confirmed having this issue as well and suggested workaround (disabling password change notification) corrected problem however I don't see this as acceptable in our production environment long term as a fix
Hopefully this is something that will be fixed in 10.14.1. Does anyone know if this has been filed with Apple?
We noticed this issue after changing the user account to mobile and using filevault 2 to encrypt the hard drive. Once we enabled filevault 2, the laptop would get stuck during boot.
If you turn off filevault, the AD mobile account works just fine.
As a work around, you can create a local account, then encrypt the hard drive. Log out of the local account and log into the mobile account. This is super annoying, but the hard drive is encrypted and mobile account works just fine, once you get through the initial boot.
We duplicated this issue by:
1. Reimaging the laptop with Mojave
2. Setup mobile user account
3. Enable filevault
4. Stuck screen at 90% loading bar and cursor (force reboot)
5. Login with local account instead of mobile
6. Logout of local and log in with mobile
I would love any suggestions or visibility to fixing this issue.
Not letting Passwords fall under 30 days for expiration seems to work for us right now. We run a 365 day length on passwords and anyone over 30 days does not have the issue while anyone at 30 days or less does. Once these users under 30 days change their password, the issue goes away.
Hi Guys,
Do you run the workaround prior to the upgrade?
Thanks
I ran into this as well when I got in to the office this morning. Thanks for confirming it's not an isolated problem.
Hi,
Yeah, i run the workaround prior the upgrade, you can also wait till 10.14.1. The issue is fixed in recent beta.
thanks @txhaflaire tried that and that works fine!
Thanks for confirming the beta fixes it too.
10.14.1 has been released and in this version it is fixed. The workaround is not necessary anymore.
@txhaflaire do you still find that it takes a long time to log in?
I have seen this in 10.13.6, as well as 10.14.0/1 with AD mobile accounts. In every case disabling FDE auto login while booted in safe boot fixed this bug.
sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutologin -bool YES
I am having this issue with Mobile accounts on 10.14.0 - 10.14.2. Only with MacBook pro's & t2 chip
Just ran into this one myself with macOS 10.14.3 so looks like its still around:
Model: MacBookPro14,2
Processor: Intel Core i5
RAM: 8GB
Storage: 250 SSD with FileVault
Accounts:
Local
Mobile
What did i try to solve it:
- Reset PRAM
- SafeBoot (account logins possible)
This was caused by the password expiration prompt.
Darn.. we do have users (AD Mobile accounts) reporting in that when they upgraded to Big Sur, and trying to login a Password Change dialog appears so;
- Big Sur upgrade has finished
- Login Window appears and users fills in credentials and a Password Change dialog appears in Login Window, which does not accept anything
- After shutdown/reboot FileVault window -> accepts password -> Password change dialogs appears again.
Tried a lot like logging in with other local admin user and changing password for affected user, triggering password changes from AD, nothing helped except.
sudo defaults write /Library/Preferences/com.apple.loginwindow PasswordExpirationDays 0
@ClassicII Not sure if you had any MacAdmins reporting this in again, but if so the workaround from High Sierra -> Mojave should work.
@txhaflaire We have the exact same issue after Big Sur upgrade with our mobile accounts
but running: sudo defaults write /Library/Preferences/com.apple.loginwindow PasswordExpirationDays 0
does not work; any other ideas?
@skumar check your existing config profiles and then the passcode payloads, i removed some of them where force password change was checked.
@txhaflaire Did that already; but no luck.
Note: when i am on the AD network the password change prompt does not appear.. its just when i am offline.
