I have set the Mac up to accept Yubikey account creation. It queries AD then creates an account if it finds the user's certificates from the Yubikey.
However, when signing in, it repeatedly prompts for a keychain password saying "macOS wants to use the "login" keychain." Any ideas on how to stop this from popping up, or why it does? I would also prefer it asks for a PIN over password if that prompt is required to get full use of the mac. Also, other items keep prompting for the Keychain instead of the pin as well. Such as Spotlight, Transparent Network Proxy for Apple system services, security, and ScopedBookmarkAgent. But once I cancel those enough times, they do not prompt me again. But the macOS does. Any and all help is appreciated. Thank you.