14.2 released today and still having the issue, we do have a hidden admin account so I will see if unhiding it resolves it. Not ideal though and was hoping for a fix in 14.2.
14.2 isn’t out yet. This is a security update 14.1.2
14.2 Tested this morning and still having the issue 😕😕
In our environment we've identified an issue with having both a loginwindow config to show Name & Password fields and having a config or pwpolicy set that has a maximum password age. The issue causes a Lock Screen to only show the password field, normally you would also see the username with the user's profile icon. Removing the maximum password age or changing the loginwindow to be a list "resolves" the issue, but now we can't use the configs.
We've long had issues with the login screen and passwords and they seem to just be getting worse, even though we submit feedback for all of them through the beta program. 14.2 appears to cause even bigger problems with macOS passwords and resetting for the first time without fixing the previous issues. It's been fun as we try to document everything, provide feedback and then develop a workaround.
I know it was suggested before to use
/usr/local/bin/authchanger -reset
and it did not work. This was my situation too. What I ran was similar but with -JamfConnect added at the end
/usr/local/bin/authchanger -reset -JamfConnect
Then a restart.
Gonna need to test out the new macOS Sonoma Beta:
Resolved Issues in macOS 14.3 Beta
- (Beta 2) Passwords can be changed successfully at the login window when enforced by MDM or pwpolicy.
I'm on an M1 MacBook Pro MacOS 14.2.1
We have the Mac bound to AD and what I've noticed is it will work outside the company network but not inside the office. When inside the office I have to shut off the WiFi and network connections and restart. After logging in I can then get the network going again. If I don't, it locks up when I try to wake up an account.
We are still seeing this on some macOS Sonoma devices with 14.2.1 installed, so not fixed for us yet.
I have found that the only consistent way to squash this bug is to not manage any login window settings. There’s probably a subset of those settings that trigger the issue in AD-bound environments, but I don’t care enough about managing the login screen to investigate further.
So, I was able to resolve it via JAMF. I set the screen lock timeout to 5 seconds, set screen saver to 15 minutes and in login items/mobility there are settings for local/network sync. Leave all of them unchecked. I think it's the lock screen/screen saver doing it.
My point is.. if I fixed it in JAMF, it's fixable locally. It's likely related to the settings I listed. Those are the only things I changed in a policy. Pre-policy update, no issue. Post policy update, issue. After policy fix, no issue.
Hello, can you confirm this works? I can see you tried this in October last year
In our environment it seems to happen specifically once people install the upgrade from Ventura to Sonoma. Once we change the password the issue seems to go away.
But we also deploy login / screen saver / password expiration configs mentioned in the forum
I figured this out with Jamf support. In your Configuration Profile, you need to have the key "Hide Admin Users" set to false. Also, in your Pre-Stage Enrollment, you need to have your local admin user not set to hidden as well. You also want to be sure local users are set to not be hidden. Those 3 things are what makes the lock screen work for me as of 14.3. The other thing to check is that you don't have conflicting Configuration Profiles set for Login Window. Hope this helps!
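An added example, not part of the thread and not Jamf's or Apple's code: a small audit of exported configuration profiles for the settings posters here associate with the lock screen issue. It assumes the profiles are unsigned XML .mobileconfig exports and uses the standard payload keys HideAdminUsers, HideLocalUsers, SHOWFULLNAME and maxPINAgeInDays; the finding labels are made up for this example.

```python
import plistlib

# Constructed sample profile (not from the thread): a Login Window payload
# showing Name & Password with admins hidden, plus a Passcode payload with
# a maximum password age. Real exports carry more keys (UUIDs, identifiers).
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>PayloadContent</key><array>
    <dict>
      <key>PayloadType</key><string>com.apple.loginwindow</string>
      <key>SHOWFULLNAME</key><true/>
      <key>HideAdminUsers</key><true/>
    </dict>
    <dict>
      <key>PayloadType</key><string>com.apple.mobiledevice.passwordpolicy</string>
      <key>maxPINAgeInDays</key><integer>90</integer>
    </dict>
  </array>
</dict></plist>"""

def audit_profiles(profiles):
    """Return sorted finding labels for a list of raw .mobileconfig bytes."""
    findings = set()
    loginwindow_payloads = 0
    name_and_password = max_age = False
    for raw in profiles:
        for payload in plistlib.loads(raw).get("PayloadContent", []):
            ptype = payload.get("PayloadType")
            if ptype == "com.apple.loginwindow":
                loginwindow_payloads += 1
                if payload.get("HideAdminUsers") is True:
                    findings.add("hide_admin_users")
                if payload.get("HideLocalUsers") is True:
                    findings.add("hide_local_users")
                name_and_password |= payload.get("SHOWFULLNAME") is True
            elif ptype == "com.apple.mobiledevice.passwordpolicy":
                # Only sees profile-delivered policy, not a local pwpolicy.
                max_age |= payload.get("maxPINAgeInDays", 0) > 0
    if name_and_password and max_age:
        findings.add("name_password_plus_max_age")
    if loginwindow_payloads > 1:
        # Several Login Window payloads can carry conflicting values.
        findings.add("multiple_loginwindow_payloads")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit_profiles([SAMPLE_PROFILE]):
        print(finding)
```

Run it over every profile scoped to an affected Mac together, since the conflicting-payload check only works across the whole set.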
Sorry, it's not letting me edit my previous comment... I typed the wrong key combo.
It should be command option return
This didn't work for us either
I'm trying this now. Fingers crossed it works!! Thank you :)
You should open a ticket with jamf and have them take a look at your login window config profile. If you take a look at the config profile’s settings on a computer experiencing the issue, see if “hide local admin users” is set to true, you need to get that set to false. What I found was, even though I had that setting configured in the config prof, it was still hiding the admin…you would have to adjust the config profile outside of jamf and import it back in if that makes sense…but still worth having Jamf support see it I think.
If you don’t manage the login window, you can’t say “this laptop belongs to…” or control the guest user account etc…..
I know I've mentioned this before, but this issue is not tied to "hide local admin users" since it affected unmanaged and personal computers without any tie to JAMF which I have documented. Apple is unfortunately stating it to be a specific preference (which it very well may be with managed devices) but we are witnessing it affecting completely new devices out of box once they are logged into with a new user with no jamf management whatsoever. So either they have multiple issues that are affecting the Lock Screen passcode, or they just don't know the extent of the issue. Either way, this is an Apple issue and not specifically a JAMF one (even though the mitigation is bypassing hiding of admin accounts on managed devices).
Thanks I will :)
Did you open a ticket with Apple as well? You should report that finding to them too, they need to hear about these issues.
Hi. I got a couple of confirmations internally that installing 14.3 fixed this. Can anybody else confirm this?
It did not fix the issue for me.
Did you have any luck implementing the updated configuration profile to make sure local admins are being shown?
I haven't gotten a chance to see if 14.3 works with hidden admin. For me, that's been the reproducible issue. I know others have gotten it to break without any connection to Jamf whatsoever, but I haven't been able to reproduce that.
I don't see that in any of our config profiles. I did put in a ticket with jamf and they've escalated the issue.
14.3.1 might have fixed it... I upgraded one machine and so far so good.
nope, scratch that. Still having the same issue.
I think the inherent problem is Apple believes the issue to be fixed as of 14.2 since it was in the patch notes I believe back then. I doubt anything further will address it unless everyone contacts their Apple SE regarding it and opens a new radar.