Local / Domain accounts

jwojda
Valued Contributor II

We had a tech manually bind a machine but didn't set up mobile accounts. He did all the user config (VPN, email, etc.) under the account, but when he shipped the machine to the user, they couldn't sign in.

He went back and rebound the machine with the mobile devices, but created a local account with the same user ID as the machine should have created on its own. After doing that, he was able to sign in under the user while off the network, and all the configuration he had done prior to shipping seemed to have transferred over.

Is that normal?

1 REPLY

justinrummel
Contributor III

I think I'm missing some items.

  1. Bind the machine (AD?), but did not select "Create Mobile Account".
  2. User offsite could not log in, as their local directory had not been created after the tech manually bound the machine.
  3. Machine returns to the tech (which has access to AD?) and unbind, then re-bind with Mobile accounts enabled.
  4. "Creates a local account" is where I'm lost. Via System Preferences vs. logging out of your local admin and entering the target user's AD account?

If via System Preferences, I'm guessing this is a local account. You can verify by doing the "id username" command. An AD account will be long, 6-8 digits, while local will see something like 502 (501 being your local admin account). When the user has to change their AD password, it will not change on the device. They will have two separate, independent passwords.

If not via System Prefs, they should be OK.
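The UID check suggested in the reply above can be scripted and combined with the account's `AuthenticationAuthority` attribute, which carries a `LocalCachedUser` entry on mobile (cached AD) accounts. This is an added example, not part of the thread; the 1000 UID cutoff, the function name, the result labels and the sample attribute values are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify a macOS account record.
# Constructed sample AuthenticationAuthority values, for illustration only.
SAMPLE_LOCAL_AUTH=';ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>'
SAMPLE_MOBILE_AUTH=';LocalCachedUser;/Active Directory/EXAMPLE/All Domains:jdoe:00000000-0000-0000-0000-000000000000'

# classify_account UID AUTH_AUTHORITY
#   UID            - numeric output of `id -u <user>`
#   AUTH_AUTHORITY - value from `dscl . -read /Users/<user> AuthenticationAuthority`
# Prints one of: local | mobile | uncached-directory | review | invalid
classify_account() {
    uid=$1
    auth=$2
    case $uid in
        ''|*[!0-9]*) echo "invalid"; return 1 ;;
    esac
    case $auth in
        *LocalCachedUser*) cached=yes ;;
        *)                 cached=no ;;
    esac
    # Assumption: UIDs below 1000 are locally assigned (501, 502, ...),
    # larger ones are derived from the directory, as the reply describes.
    if [ "$uid" -lt 1000 ] && [ "$cached" = no ]; then
        echo "local"               # password is independent of AD
    elif [ "$uid" -ge 1000 ] && [ "$cached" = yes ]; then
        echo "mobile"              # AD account cached for offline login
    elif [ "$uid" -ge 1000 ]; then
        echo "uncached-directory"  # likely AD user with no cached record
    else
        echo "review"              # low UID but marked cached: inspect by hand
    fi
}

# On a bound Mac: sh check_account.sh <shortname>
if [ "$#" -eq 1 ] && command -v dscl >/dev/null 2>&1; then
    user_uid=$(id -u "$1") || exit 1
    user_auth=$(dscl . -read "/Users/$1" AuthenticationAuthority 2>/dev/null || true)
    echo "$1: uid=$user_uid -> $(classify_account "$user_uid" "$user_auth")"
fi
```

A result of `local` for a user who is supposed to sign in with AD credentials is the situation the reply warns about: the password on the Mac will not follow AD password changes.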