User was recently removed from old AirWatch MDM and enrolled into Jamf using pre-stage command - sudo profiles renew -type=enrollment. Before I installed the Jamf profiles on the device, I had to re-bind the machine to the domain because the local password and Okta password did not sync. I then removed it from the domain again and verified the local password now matched the users Okta password. Restarted the device and had user log in with newly updated password. Ran command to install Jamf profiles, restarted the device and had user review and install profiles. After all profiles and policies installed I tested Jamf connect (desktop app) and was able to have the user sign in via Okta. On the next restart where the user has to connect the local account to Jamf connect for the first time it does not take the local mac password that was being used. Keeps saying invalid password. Had user try the old and new password that was on the device and still could not connect. Had to create a "Disable Jamf Connect" policy to bypass login screen so user could log back into local account to continue to work. I'm guessing this is most likely an issue with the keychain or the bootstraptoken. User is added to our admin jamf connect group so her local user account should be set to admin.
Bootstrap Token Allowed: Yes
Bootstrap Token Escrowed: No
FileVault 2 Enabled Users: itrunwell (local hidden admin account)