Having a bug in user-initiated enrollment

Hello folks,

Newer Jamf Pro user here. We've got about 230 devices enrolled, 98% of which are existing machines from the field (mostly remote) that we're using user-initiated enrollment for. We're doing pretty basic stuff: installing a few apps, issuing a password policy, and things like a login screen message, etc. On these machines, there is a local admin for our use, and the user is also a local admin. We've had two instances recently where a user has rebooted, done the user-initiated enrollment, and then upon rebooting, is asked to change their password at login to comply with the password policy, and then the next time they try to log in after this, they are told their password is wrong. I'm finding the same issue with the local admin, and the only way I can get in is if I push a new local admin account to the machine via a policy. But after I log in, if I go to Users & Groups in sys prefs/settings, and I try to reset the password, I get "reset password failed." We are not using FileVault, but have a policy to escrow the key if the user already had it enabled. What is causing this? I've seen it on Monterey and Ventura, and all users so far are using M1 Air. I am trying to find a way to get these users back into their accounts and make sure to prevent this for future users.

Thank you.