Jamf Nation Community

14.2 beta has not resolved the issue for me on a test machine. Lock screen shows no user icon and rejects valid password. Will continue to test the login window payload settings that are causing this.

That is disappointing about 14.2...HEY APPLE, DO BETTER! According to Apple Enterprise support, the setting that is causing this is "having a hidden admin account" which for us was because we build one during Pre-Stage enrollment and have it marked as hidden. Problem is that setting does not live in a Config Prof...so you can only change it after the fact via script and you can turn that setting off for new enrollments going forward. Once we sent a command to show the hidden admin account, the issue goes away. So we do it with a script (change UserAccountName to the name of your hidden admin account): 

sudo dscl . create /Users/UserAccountName IsHidden 0

I suppose there could be multiple causes of this issue -- but in our environment, we have no hidden users, and we're still seeing this.

The following did not resolve the issue for me:

sudo dscl . create /Users/UserAccountName IsHidden 0

 @imnotajamfadmin From your note above I am not 100% clear what your resolution was? Can you clarify which payload caused the issue of the lock screen not accepting a valid password please?

Just updated to 14.1.1, this thing happens again!

I was able to temporarily resolve it in 14.1, using a way learned from a smart colleague, "log out of the current user and get to a screen where you can input both username and password".

It worked for 14.1(that smart guy didn't upgrade to 14.0, since I told him about the login password issue, and then he waited till 14.1).

It's just for 14.1.1 patch, I have to do it again, and so far so good.

* maybe for all future OS patches, before either Apple or Jamf solves this for good, I have to do the above again and again.

* use Apple watch and touchID unlock as much as you can to mitigate the impact.

Happening in our environment to random users( version 14.1.1) as well. Unable to repro. Any recommendations from Jamf/Apple if someone reached to them recently ? I am waiting for a response from Jamf support

So I just heard from Apple asking me to try the newest seed for 14.2 where they claim the issue is resolved....looks like I have homework to do.  Here are screen shots of our config prof for login window that Jamf Support helped me build. So send that config prof down (remove your previous one with Login Window settings), plus run a policy that unhides the hidden admin account using the execute command...if this doesn't work for you then there must be more variables that also cause the lock screen issue unfortunately. Might seem obvious, but make sure you don't have multiple config profiles doing things to the Login Window to conflict with this new one.

Create a policy with this command:

Create a new Config Prof (and remove your old Login Window prof):

we got similar settings for login config as suggested to you by Jamf Support. The only difference is "Enable console login" and "allow external users" are not checked.

I suspect everyone's wrapping up for the long weekend right now, but have any of you good folks made any progress on this issue since the last post was made here a couple of weeks ago?

14.2 released today and still having the issue, we do have a hidden admin account so i will see if unhiding it resolves it. not ideal tho and was hoping for a fix in 14.2.

14.2 Tested this morning and still having the issue 😕

In our environment we've identified an issue with having both a loginwindow config to show Name & Password fields and having a config or pwpolicy set that has a maximum password age. The issue causes a Lock Screen to only show the password field, normally you would also see the username with the user's profile icon. Removing the maximum password age or changing the loginwindow to be a list "resolves" the issue, but now we can't use the configs.

We've long had issues with the login screen and passwords and they seem to just be getting worse, even though we submit feedback for all of them through the beta program. 14.2 appears to cause even bigger problems with macOS passwords and resetting for the first time without fixing the previous issues. It's been fun as we try to document everything, provide feedback and then develop a workaround.  

I know it was suggested before to use

/usr/local/bin/authchanger -reset

and did not work. This was my situation too. What I ran was similar but with the added at the end

/usr/local/bin/authchanger -reset -JamfConnect

Then a restart. 

I'm on an M1 MacBook Pro MacOS 14.2.1

We have the Mac bound to AD and what I've noticed is it will work outside the company network but not inside the office. When inside the office I have to shut off the WiFi and network connections and restart. After logging in I can then get the network going again. If I don't, it locks up when I try to wake up an account.

We are still seeing this on some macOS Sonoma devices with 14.2.1 installed,  so not fixed for us yet. 

I have found that the only consistent way to squash this bug is to not manage any login window settings. There’s probably a subset of those settings that trigger the issue in AD-bound environments, but I don’t care enough about managing the login screen to investigate further.

In our environment it seems to happen specifically once people install upgrade from Ventura to Sonoma. Once we change password issue seems to go away . 

But we also deploy login / screen saver / password expiration configs mentioned in the forum 

Hi. i got couple confirmations internally that installing 14.3 fixed this . Anybody else can confirm this ?

I think the inherent problem is Apple believes the issue to be fixed as of 14.2 since it was in the patch notes I believe back then. I doubt anything further will address it unless everyone contacts their Apple SE regarding it and opens a new radar. 

Hi guys, any news after 14.3.1 ?