Posted on 09-26-2018 12:27 AM
Hi,
On 24 september when macOS Mojave 10.14.0 released i decided to upgrade my own MacBook Pro that was on 10.13.6.
The upgrade was successful and at that moment it seems to be there were no problems at all, until i shutdown my device and booted it up the day after.
When booting, seeing the log-in screen and trying to login with my Managed Mobile Account it will get stuck on the black screen with Apple logo endless.
On our devices we have a local account configured for IT support, and that account is working flawless.
What did i try to solve it;
- Reset PRAM
- Clear user templates
- Clear ~/Library/Preferences
- Rename ./mbr_cache ./mbr_cache-old
- Reinstall macOS Mojave from Recovery (installer 14.0.22)
- Reinstall macOS Mojave from Internet Recovery (installer 14.0.18)
- Disable FileVault 2
- Disk repair
Also grabbbed an other fresh 10.13.6 MacBook Pro, configured my account etc etc and kept it clean as possible, upgraded and same issue appears.
When booting to Safe Mode i am able to login.
Anyone tips or suggestions or having also this issue?
Solved! Go to Solution.
Posted on 10-31-2018 07:18 AM
10.14.1 has been released and in this version it is fixed. The workaround is not necessary anymore.
Posted on 09-26-2018 01:08 AM
Hello @txhaflaire ,
On my side , I had some issue with Mobile Account with AD.
I've changed Mobile Account to Network Account with the GUI "Force Local Home Directory" from Jamf and works great.
Unbind => Rebind my Mac with the new settings and now can connect perfectly.
Maybe you can try this.
Posted on 09-26-2018 02:20 AM
Hi ! @lrabotteau
Can you explain further about the transition from Mobile Account to Network Account, after that change are you still able to log-in when being away from network?
Posted on 09-26-2018 02:35 AM
@bjorgvin Thanks for sharing; https://www.reddit.com/r/macsysadmin/comments/9iu5b4/mojave_expired_passwords/
Posted on 09-26-2018 09:11 AM
Update; The workaround of changing password so the pop-up windows is not appearing works for now.
Posted on 09-27-2018 09:49 AM
2 workarounds.
One is to just turn off the password change notification.
sudo defaults write /Library/Preferences/com.apple.loginwindow PasswordExpirationDays 0
The 2nd was to just login while off the network. Thanks to @andyincali for helping test this and @frogor for the idea to try it.
Posted on 09-27-2018 10:01 AM
@ClassicII Thank you for sharing :)
Posted on 09-28-2018 07:56 AM
Confirmed having this issue as well and suggested workaround (disabling password change notification) corrected problem however I don't see this as acceptable in our production environment long term as a fix
Hopefully this is something that will be fixed in 10.14.1. Does anyone know if this has been filed with Apple?
Posted on 10-02-2018 11:46 AM
We noticed this issue after changing the user account to mobile and using filevault 2 to encrypt the hard drive. Once we enabled filevault 2, the laptop would get stuck during boot.
If you turn off filevault, the AD mobile account works just fine.
As a work around, you can create a local account, then encrypt the hard drive. Log out of the local account and log into the mobile account. This is super annoying, but the hard drive is encrypted and mobile account works just fine, once you get through the initial boot.
We duplicated this issue by:
1. Reimaging the laptop with Mojave
2. Setup mobile user account
3. Enable filevault
4. Stuck screen at 90% loading bar and cursor (force reboot)
5. Login with local account instead of mobile
6. Logout of local and log in with mobile
I would love any suggestions or visibility to fixing this issue.
Posted on 10-15-2018 08:31 AM
Not letting Passwords fall under 30 days for expiration seems to work for us right now. We run a 365 day length on passwords and anyone over 30 days does not have the issue while anyone at 30 days or less does. Once these users under 30 days change their password, the issue goes away.
Posted on 10-22-2018 04:36 AM
Hi Guys,
Do you run the workaround prior to the upgrade?
Thanks
Posted on 10-22-2018 05:45 AM
I ran into this as well when I got in to the office this morning. Thanks for confirming it's not an isolated problem.
Posted on 10-22-2018 05:50 AM
Hi,
Yeah, i run the workaround prior the upgrade, you can also wait till 10.14.1. The issue is fixed in recent beta.
Posted on 10-22-2018 07:53 AM
thanks @txhaflaire tried that and that works fine!
Thanks for confirming the beta fixes it too.
Posted on 10-22-2018 01:05 PM
Same issue.
Posted on 10-31-2018 07:18 AM
10.14.1 has been released and in this version it is fixed. The workaround is not necessary anymore.
Posted on 11-29-2018 12:11 PM
@txhaflaire do you still find that it takes a long time to log in?
Posted on 11-30-2018 02:54 AM
I have seen this in 10.13.6, as well as 10.14.0/1 with AD mobile accounts. In every case disabling FDE auto login while booted in safe boot fixed this bug.
sudo defaults write /Library/Preferences/com.apple.loginwindow DisableFDEAutologin -bool YES
Posted on 01-11-2019 08:46 AM
I am having this issue with Mobile accounts on 10.14.0 - 10.14.2. Only with MacBook pro's & t2 chip
Posted on 02-15-2019 06:25 AM
Just ran into this one myself with macOS 10.14.3 so looks like its still around:
Model: MacBookPro14,2
Processor: Intel Core i5
RAM: 8GB
Storage: 250 SSD with FileVault
Accounts:
Local
Mobile
What did i try to solve it:
- Reset PRAM
- SafeBoot (account logins possible)
Posted on 02-15-2019 08:24 AM
This was caused by the password expiration prompt.
Posted on 11-17-2020 02:03 AM
Darn.. we do have users (AD Mobile accounts) reporting in that when they upgraded to Big Sur, and trying to login a Password Change dialog appears so;
Tried a lot like logging in with other local admin user and changing password for affected user, triggering password changes from AD, nothing helped except.
sudo defaults write /Library/Preferences/com.apple.loginwindow PasswordExpirationDays 0
Posted on 11-17-2020 02:41 AM
@ClassicII Not sure if you had any MacAdmins reporting this in again, but if so the workaround from High Sierra -> Mojave should work.
Posted on 11-19-2020 09:53 AM
@txhaflaire We have the exact same issue after Big Sur upgrade with our mobile accounts
but running: sudo defaults write /Library/Preferences/com.apple.loginwindow PasswordExpirationDays 0
does not work; any other ideas?
Posted on 11-19-2020 10:19 AM
@skumar check your existing config profiles and then the passcode payloads, i removed some of them where force password change was checked.
Posted on 11-19-2020 10:41 AM
@txhaflaire Did that already; but no luck.
Note: when i am on the AD network the password change prompt does not appear.. its just when i am offline.
Posted on 11-25-2020 12:23 PM
@txhaflaire We appear to be having the sane problem as @skumar. Upgrades to Big Sur and clean installs provoke a password change upon login with an AD bound user. Changing PasswordExpirationDays didn't seem to help here either.
Any other ideas?
Posted on 02-08-2021 06:01 AM
is ther any way to sync the mac password and filevault password and AD network password without apps like No made or jamf connect
Posted on 02-08-2021 06:16 AM
@mani2care The Kerberos Extension, for catalina onwards will do it, but you need to convert the accounts to standard from mobile, as it wont sync with mobile accounts. I needed Apple to help set it up, but it's a one off cost unlike Jamf Connect.