Managing users accounts

New Contributor III

I am having a hard time managing user accounts. On every computer, the is a local user account for each user and a local admin account. we also have a password policy that requires users to change their password after a certain period of time. this policy affects the local admin account as well.

  • How do i change the password on all the admin accounts at once? i have used the reset account password policy but it fails each time because the computers and account are FileVault enabled

  • when a user forgets their password i just go crazy because the recovery process does always work. Usually, i will issue them the recovery key which they will use to reset their password.

  • Sometimes the user types in the recovery key and the login window, it loads and brings back the login window without prompting for a password change. sometimes is asked to create a new password. the is no consistency

  • the worst is when a user's account is locked out on a computer which is not DEP enrolled the is now to unlock the account.

Please !! can anyone with Filevault tell me what their workflow is for managing user accounts. -how are the accounts created?
-how do you recover passwords?
-how do you unlock none DEP enrolled computer?
- how do you manage the administrator account's password if you use any?