Help

Local Administrator account not being set up over PreStage Enrolment?

JureJerebic
Contributor

Posted on ‎06-28-2022 07:46 AM

Hi everyone,

Does anyone know why sometimes the local admin account wouldn't be set up during the Setup Assistant (as defined in the PreStage Enrolment)? At least it's not visible as one of the local accounts in Jamf Pro (but it actually might be present, but didn't check with a user yet).

0 Kudos
5 REPLIES 5

talkingmoose
Moderator
Moderator

Posted on ‎06-28-2022 08:09 AM

The PreStage Enrollment settings have an option to hide the account. If you've selected that option, you'll need to verify on the Mac that the account is there. Run this command on the Mac and look at the end of the list:

/usr/bin/dscl . list /Users

Jamf Pro itself has a setting to collect hidden accounts that you need to enable first. Look in Jamf Pro Settings > Computer Management > Inventory Collection for Include Hidden Accounts.

Hugonaut
Valued Contributor II

Posted on ‎06-28-2022 11:10 AM

@JureJerebicCould you please share how your Pre-Stage Enrollment is configured?

 

Screen Shot 2022-06-28 at 1.08.13 PM.png

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month
0 Kudos

JureJerebic
Contributor
In response to Hugonaut

Posted on ‎06-29-2022 01:33 AM

Similar to yours in the screenshot, but it's not set to be hidden in ours.

0 Kudos

Moreno
New Contributor

Posted on ‎06-29-2022 07:55 AM

We had a situation where an individual forgot their user password to log into their device. We use personal recovery keys for these situations but in this case it was "invalid" within Jamf Pro and the key didn't work at all for the user to reset their password. We do have a local admin account like you all mostly have where we do hide it from users and groups. So when we wanted to log into the laptop using that local account, it couldn't be seen upon restart. I tried entering recovery mode and safe mode and no luck logging in with our local admin account either. Only the users account would show up. Anyone have a work around for this?

0 Kudos

JureJerebic
Contributor
In response to Moreno

Posted on ‎06-30-2022 12:21 AM

I think the problem with hiding the admin account is also that FV isn't enabled as the user never logged in. We also use PRK to reset users' passwords, but that doesn't explain why the user would be hidden, if it's not set to be in the PreStage Enrolment. 

0 Kudos