Hello, forgive me this is not quite related to JSS but I have thought asking the knowledgeble people here!
We have a password expiration policy in AD and when I try to login with a domain user with Filevault already enabled – if the expiration date is too close – I can unlock the disk but, instead of the ordinary automated login, I get the standard login window with the pop-up telling the password is going to expire in X days.
From there I can simply log in as usual since the password has not expired.
I tested with another AD user account - whose password was very recently changed and going to expire later - and everything goes as expected.
This means there's no automated login with Filevault unless the password expiration is more than X days (I could not exactly understand how many)
Is anyone else experiencing this? Is it a known bug?
@dave-moof-it up to Mojave, when you have this kind of setup (FV encryption + network user) even if the password is going to expire soon, you have the automated login. If I am not mistaken you don't receive a warning during this process or if you do, the login proceeds automatically anyway
During my tests with Catalina, if the password is going to expire in less than X days (still to be determined), it simply goes from unlocking the disk, boot and then standard login window with no warning at all
From there you can simply re-type you AD credential and successfully login
@ddcdennisb many thanks, that solves the problem!
Many thanks to all