Posted on 11-13-2013 08:30 AM
With Mavericks I’ve been getting a “OS X wants to use the ‘Local Items’ keychain” message when a new user logs on:
Entering the local Administrator password lets me continue. The problem is that our users are not given the local Admin password.
Here are the details:
• Started with clean 10.9 install
• Added required apps
• Customized Mac OS User Template:
o su -
o rm -r /System/Library/User Template/English.lproj/*
o cp -R /Users/test/* /System/Library/User Template/English.lproj/
• Capture image with Casper Composer 9.2
• Image MacBook Pro using Casper Imaging 9.2
• Managed by JAMF JSS 9.2
• Join CSUS Domain (Mobile Accounts enabled)
• Login with SacLink Username and Password
• Dialog Appears: “OS X wants to use the ‘Local Items’ keychain”
• Enter “Administrator” password that was created when Mavericks was originally installed for the new image.
My concern is how to avoid having a new user enter our secret Administrator password at their first login.
Posted on 11-13-2013 10:24 AM
Sounds like you may of left the /Users/test/Library/Keychain/login.keychain in your "template". I would make sure you blow this away from your build so user all get to create their own.
For those out there now you may want to delete it via some form of a policy (either via Self Service or push).
I'm not positive of this as I haven't messed with modifying the User Template in a couple of years.