Broken admin account

Sobchak
Contributor

We have a Mac that was re-enrolled by a tech. Trying to log in to our admin account on the machine failed after that. The tech changed the password locally to the correct password and could log on, but policies like reissuing the FileVault key were failing due to authentication errors. To fix it we decided to: remove the Mac from Casper, remove the Casper profile from the machine, remove the framework, delete the admin account, reboot, re-enroll in Casper. In theory that should have fixed everything.

The problem is the admin account is reporting as admin in Casper but showing as a standard user on the Mac. Also, pushing packages to the Mac is coming up with: Could not mount distribution point "CasperShare". Also, when I try to remote in I get: "An incorrect username/password is entered for this computer."

Any ideas on how to fix this?

1 REPLY

mm2270
Legendary Contributor III

Is the admin account the same as the Casper management account? If it's not, can you use the management account to correct the issue? If it's one and the same account, or you don't know the management account password, then is the Mac still actually enrolled in your JSS? If so, I would think it could still run commands as root on it, because that happens with the LaunchDaemon process, not by calling on the local management account. If it can run policies, set up a policy scoped to that one Mac by adding a script or Run Command into the policy that fixes the issue, or you can use the Local Accounts payload to create a new admin-level account on it. Just let the policy run naturally at the check-in trigger on it, to ensure the LaunchDaemon is running it.
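
Added example, not part of the reply above and not Jamf's own code: one way such a policy script could restore local admin group membership when run as root at check-in. It assumes the account's short name is supplied as script parameter 4 in the policy; it only repairs group membership and does not touch the account password.

```shell
#!/bin/sh
# Added example: policy script, executed as root by the jamf LaunchDaemon.
# Assumption: policy parameter 4 holds the short name of the local account
# to repair ($1-$3 are filled in by Jamf: mount point, computer name, user).

is_admin() {
    # dseditgroup checkmember exits 0 only when the user is in the group.
    dseditgroup -o checkmember -m "$1" admin >/dev/null 2>&1
}

ensure_admin() {
    user="$1"
    if [ -z "$user" ]; then
        echo "no account name supplied" >&2
        return 2
    fi
    # Refuse to act on an account that does not exist locally.
    if ! id -u "$user" >/dev/null 2>&1; then
        echo "account '$user' not found" >&2
        return 3
    fi
    # Idempotent: do nothing when membership is already correct.
    if is_admin "$user"; then
        echo "'$user' is already in the admin group"
        return 0
    fi
    dseditgroup -o edit -a "$user" -t user admin || return 4
    # Verify the change instead of trusting the exit code alone, so the
    # policy log shows a failure if the account is still a standard user.
    if is_admin "$user"; then
        echo "'$user' added to the admin group"
        return 0
    fi
    echo "'$user' is still not an admin after the edit" >&2
    return 5
}

# Run only when the policy supplied parameter 4.
if [ -n "${4:-}" ]; then
    ensure_admin "$4"
    exit $?
fi
```

The non-zero return codes make the policy show as failed in the policy log when the repair did not take effect.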