Posted on 12-03-2013 07:11 AM
I'm trying to test the password recovery option with FileVault, where you type your password incorrectly three times at the boot login. I get the prompt to enter the recovery key, I enter it, and then it boots to the login screen where I'm prompted to enter a new password for my encrypted user. I enter a new password and it just shakes it off. I'm forced to enter my actual password.
This is a MacBook Pro running 10.9 and I used JSS v9.2 to set up FileVault 2 with an individual key and institutional key. This is an AD bound user with a mobile account (which, now that I think about it, might have something to do with the problem).
Summoning @rtrouton
EDIT: I enabled a second standard user with FileVault and tried this with that user and I was able to reset the password. So, the issue seems to be with the AD bound user only.
Found another thread on the topic: https://jamfnation.jamfsoftware.com/discussion.html?id=7400
Posted on 12-03-2013 07:23 AM
I don't think this is possible with AD accounts, as you'd have to provide the correct password in order to change it.
Posted on 01-21-2014 02:33 PM
I thought I would share a simple script that helps migrate this...
#!/bin/bash
#
# migrateNetLocalhomeToLocalHome - This script is meant for users that have local homedirs but are network based and we want
# to move them to local homedirs with locally cached AD user account (aka mobile user).
#
#
######################### Username is needed to start this migration ##################
# Replace "$4" with the actual username if you're running this through ARD
username="$4"
# Stop if no username was supplied; otherwise the home directory path below would be just /Users/
if [ -z "$username" ]; then
    echo "Error: no username supplied (expected as parameter 4)" >&2
    exit 1
fi
# Create the locally cached (mobile) account with its home directory at /Users/<username>
/System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -n "$username" -h "/Users/$username" -S -v
######## NOTE: The below lines are not applicable if the user has been added as a local admin within Active Directory. ###########
# Add this user to local admin group
# dscl . -append /Groups/admin GroupMembership "$username"