Posted on 01-25-2022 12:32 PM
We have a user who was forced to use his recovery key to log into his Mac.
Once the recovery key was entered he was brought to the Jamf Connect login
screen. When he enters his username and password, which is tied to Okta,
nothing happens and it just returns him to the login screen. What do I need
to do to get this guy back into his machine using his Okta credentials?
The mac is running OS 11.6.1 and Jamf Connect 2.6, and he was never prompted to change his password as is standard practice when logging in with recovery key.
01-26-2022 06:59 AM - edited 01-26-2022 06:59 AM
The easiest thing to do to get the user logged in without much troubleshooting is to have the user boot the mac to recovery mode, select "Forgot Password" at bottom of the recovery window. It will prompt for the recovery key so provide the user the FV key, it will prompt if you want to reset the password. The user selects the account he wants to reset and he can enter his current password. Once complete he can restart and login
Posted on 02-14-2022 08:01 PM
We've run into this a few times now.
If the above doesn't work, you will have to uninstall the Jamf Connect login window from the user's machine so that they can login after entering the Recovery Key. Instructions to do so are found here: https://docs.jamf.com/jamf-connect/2.9.0/documentation/Uninstalling_Jamf_Connect.html
We accomplish this by removing the user from the login window profile scope and then pushing a script via a policy that uninstalls just the login window. You have to make sure to set it up to run at startup. Have the user restart to trigger the policy, wait a few minutes, then restart again. Have them login with the recovery key, then when they get logged in, have them use the Jamf Connect Menu to resync with Okta via the "Connect" option. This will update their local password with Okta.
Just remember once they are fixed to remove them from the uninstall policy and rescope the login window profile.