Does anyone know why sometimes the local admin account wouldn't be set up during the Setup Assistant (as defined in the PreStage Enrolment)? At least it's not visible as one of the local accounts in Jamf Pro (but it actually might be present, but didn't check with a user yet).
The PreStage Enrollment settings have an option to hide the account. If you've selected that option, you'll need to verify on the Mac that the account is there. Run this command on the Mac and look at the end of the list:
/usr/bin/dscl . list /Users
Jamf Pro itself has a setting to collect hidden accounts that you need to enable first. Look in Jamf Pro Settings > Computer Management > Inventory Collection for Include Hidden Accounts.
@JureJerebicCould you please share how your Pre-Stage Enrollment is configured?
We had a situation where an individual forgot their user password to log into their device. We use personal recovery keys for these situations but in this case it was "invalid" within Jamf Pro and the key didn't work at all for the user to reset their password. We do have a local admin account like you all mostly have where we do hide it from users and groups. So when we wanted to log into the laptop using that local account, it couldn't be seen upon restart. I tried entering recovery mode and safe mode and no luck logging in with our local admin account either. Only the users account would show up. Anyone have a work around for this?
I think the problem with hiding the admin account is also that FV isn't enabled as the user never logged in. We also use PRK to reset users' passwords, but that doesn't explain why the user would be hidden, if it's not set to be in the PreStage Enrolment.