Jamf Connect 2.0 Issue during Demobilization Account

Jamf4Me
New Contributor

Hi guys,

We are having issue during the Account Demobilization step of Jamf Connect 2.0 deployment.

This happens after you are authorized via Azure with 2FA and you enter the password for the new local account. And during the local account selection step (Connect step), this fails to take the local password of the account.

I have attached screenshot for that error that we are getting.

Here is the logs extraction from /private/tmp/jamf_login.log. I renamed the username with "first_last" for privacy.

Fri Oct 09 16:31:05 [com.jamf.connect.login] - Info - OpenDirectory: Found local user.
Fri Oct 09 16:31:05 [com.jamf.connect.login] - Info - OpenDirectory: Building OD query for name first_last
Fri Oct 09 16:31:05 [com.jamf.connect.login] - Debug - OpenDirectory: Finding the DSLocal node.
Fri Oct 09 16:31:05 [com.jamf.connect.login] - Info - OpenDirectory: Found local user.
Fri Oct 09 16:31:05 [com.jamf.connect.login] - Info - UI: Migration pass change failed: Authentication server could not be contacted.
Fri Oct 09 16:31:05 [com.jamf.connect.login] - Error - LoginUI: Migration: local passsword update failed.
Fri Oct 09 16:31:20 [com.jamf.connect.login] - Info - OpenDirectory: Building OD query for name first_last
Fri Oct 09 16:31:20 [com.jamf.connect.login] - Debug - OpenDirectory: Finding the DSLocal node.
Fri Oct 09 16:31:20 [com.jamf.connect.login] - Info - OpenDirectory: Found local user.
Fri Oct 09 16:31:20 [com.jamf.connect.login] - Info - OpenDirectory: Building OD query for name first_last
Fri Oct 09 16:31:20 [com.jamf.connect.login] - Debug - OpenDirectory: Finding the DSLocal node.
Fri Oct 09 16:31:20 [com.jamf.connect.login] - Info - OpenDirectory: Found local user.
Fri Oct 09 16:31:20 [com.jamf.connect.login] - Info - UI: Migration pass change failed: Authentication server could not be contacted.
Fri Oct 09 16:31:20 [com.jamf.connect.login] - Error - LoginUI: Migration: local passsword update failed.

I would appreciate any suggestions or feedback.

thanks
f58cb551b06f4eed9f2c9323befe037b
4cc501cddc4546b39d90533095a332c4

7 REPLIES 7

deritaufan
New Contributor II

We have been experiencing similar situation but not during demobilising an account rather migrating local account to connect with iDP.

3 out 10 people are experiencing the issue that you posted on your last screenshot where Jamf Connect keeps saying that the local account password is invalid, though it is valid 100%. To pass that error what works is try to going back to the prior connect screen and go forward again.

But we would like to hear from Jamf what may cause this unexpected behaviour and come up with a solution.

ryoung
New Contributor

We are having the same exact issue. Did you guys figure out a fix? Somehow if you disconnect from the network at that point, it will proceed, but that seems like a workaround, and doing a large deployment with that workaround seems to not be ideal..

vcastro4554
New Contributor II

That was our work around the initial Jamf Connect Login window to turn off wifi to allow user to log on. So far from my experience, we only noticed this issue with pre-existing device that were recently enrolled to Jamf, but still showing accounts listed as "Mobile".

I am currently experiencing this issue and having a headache trying to sync a local account password to the network password.

Were any of you guys able to resolve this by any other means?

mallen13
New Contributor III

Did this ever get solved ?

I am seeing the EXACT same behavior... and it is super annoying...

Even on the latest 2.4.5 ( as of today ) version of JAMFConnect

My users can barely read an email, much less follow instructions to ignore an error....

JAMF -- PLEZ HALP!

Jamf4Me
New Contributor

HI @mallen13 , Few things that we had to consider : 

  • if you have mobile account, you have to run demobilize account script first and then deploy Jamf connect later. We are using Demobilize account script by Patrick Gallagher. 
  • Usually users having this sort of issue had issue with their local account , they were not able to Unlock any settings using their local account. Their account was corrupted all-together.  You can test it out to see if their existing account is fine and able to unlock settings.

Considering those things , we were able to fix this issue.  if it does fix then we created New account for that user and moved ownership of data to new account and ran the Jamf Connect deployment from the new account and that fixed the issue. 

 

I hope this helps. 

mallen13
New Contributor III

Awesome. Thanks 'Jamf4Me' -- I'll give this a go!


I've opened a case with JAMF regardless...  I feel like this is something they should integrate in the app...
🙂

ngloudemans
New Contributor II

I have had this issue pop up for my users as well. The fix has been to go back, then re-authenticate. If I have to run the command to demobilize a user on Connect install, then reenable the login window, this isn’t very user friendly. I also have a ticket in with support about this issue.