@alexjdale Mojave is in beta so that's why people won't be talking about it. If you got access to the Apple Dev Discussion forums, you can ask there and post a link to the discussion here and others who have access to those forums can post.
I'm also hoping you're providing bug reports/feedback to Apple. More on that here: https://babodee.wordpress.com/2018/08/22/the-importance-of-filing-feedback-during-major-os-releases-...
I'm aware of that. The Apple discussions forums are lacking. Lots of people are talking about Mojave here so I was hoping for someone to give me some feedback on this. I have filed my reports on it but can't find anyone talking about it anywhere.
Edit: I did find the problem, it's that User Templates are borked.
Been testing enrolling a "new" mojave device into Jamf Pro as opposed to upgrading a current system. Just erased a mac mini and put mojave on it.
One thing that I've noticed. AD accounts when logged in for the first time are showing as internet accounts.
In our environment, with High Sierra, AD accounts automatically downloaded as Mobile Accounts. Have not done anything on our end to change that - other than having macOS Mojave.
So something must be going on in the OS in how it's dealing with AD accounts i would assume. Still have more testing to do.
@Alyoung It doesn't help you but I'm not able to reproduce this in 10.7.1 (on-prem) and the latest Mojave revision. We use a script to bind to AD at enrollment time.
Our accounts show as "Managed, Mobile" as expected and I don't have any issues logging in. Tried this on both (Self Service based) upgrades from Sierra and High Sierra, as well as a clean install of Mojave.
Here's what I've seen:
This is basically what happened when 10.13 came out until we discovered the unchecking of the "use full UNC path" option fixed it.
Running 10.3.0 on-prem (waiting to go to the cloud and can't upgrade before then), using the built in bind configuration.
Edit: I have a script that uses "/System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount" to create an account and that does work. It doesn't get the securetoken however.
I filed a Bug Report for another AD issue at my org. If you have a FileVault config profile to defer FV until logout/restart an AD mobile user (who is also an admin) will not get the authentication prompt. You have to log out/restart from a local admin user for the authentication pop-up to appear. Didn't see this behavior in any of the Mojave betas, just the release 18A391.
Yes there is a problem with AD mobile accounts. Upgraded my MacBook Pro from 10.13.6 to 10.14 - bind to AD domain - enrolled in jamf 9.98 - logged in with as a Domain user- Account created was admin instead of a Standard account. Able to log in with this domain account.Tried to delete the domain account from the Users pane in System Preferences - a dialog box prompts with the user (to be deleted) name entered and asking for the password. The password however is not accepted and thus the account is not deleted.