BeaconStoreKey, A keychain cannot be found to store


We noticed that Macs above 10.15.3 are having issues when a new user logs on with an Active Directory account.

When signing in it takes longer than usual and then throws up the following error:
A keychain cannot be found to store "beaconstorekey."

The dialogue has 2 options. Cancel or Reset To Default. Clicking either one will make the dialogue box go away but then nothing happens until I force restart the machine. Upon restart no new local user was created.

Things I have tried so far:
- Disabled drive encryption in case it was something to do with accessing the keychain on the drive.
- Disabled mobile home creation
- Manually unbound and rebound to AD

Googling this error shows me that there are people struggling with this but no one seems to have a solution. Anyone here seen this? Or is using Nomad/Jamf Connect our only way out of this?


New Contributor II

Does this happen to any user that logs in to the machines? Our AD instance has a primary domain with a subdomain for students. We've found that a user with an account in both the primary and sub domains (with the same username for both) will cause this error to be displayed. We've even tried disabling authentication from any forest in the domain and we get the same thing. There are only a few teachers on site with this issue and we've gotten by with just creating local machine accounts for them.