I have a problem with MacOS Mojave when I have 'Login Window' payload with "
Show computer's administrators" unchecked.
Computers with only administrator accounts can't log in because no login/password fields appears.
Have you ever had this bug?
Jamf Pro 10.7.1 (the same with 10.8 in Dev environment)
Solved! Go to Solution.
I've ran into this issue. I'm on Jamf Pro 10.7.1 as well. I found it was because our Administrators accounts were hidden and no other account was on the computer. Once I unhid one of the accounts or created a temp account, it would show the login boxes. I was going to setup a policy and smart group to look for a temp account but because our Macs are bound to AD, I just use a command to set the login window to always ask for a username and password. Our Macs are bound with a prestage enrollment. So far it's been working in my dev environment. Haven't pushed it out to prod yet.
Amazingly, our Art Department is not happy with students having to learn Option+Enter and want me to make it like it was in previous OS versions. My first, second and third response is "tough luck". We have 10,000 pc's on Campus and 1200 macs. When a student goes to login to a pc, they have to use ctrl-alt-delete, what's the big deal?
I had the same issue but after fiddling with it I think it was just working as logically intended. I'm not sure about your setup but for me I was configuring some servers that just use one local admin account for everything. By leaving "Show computer administrators" unchecked it was doing exactly as intended. Since there were no users to show I got a screen the same as you have in the first post. It drove me crazy until I checked the "Show computer administrators" box and everything was fine after that.
At first I thought it was a bug but after thinking about it a bit I came to the conclusion that this was logically correct.
Your experience may vary.
My settings here:
@Merkley I tested the script with Name and Password text fields as a configuration profile, and that did not work either. It already has SHOWFULLNAME = 1 when I read it. Are people not using a login window configuration profile at all here? If not, then maybe we need to unmark this as "resolved".
Here's what I'm using now, which was close to the original login window settings that worked perfectly fine on High Sierra and below. It also has SHOWFULLNAME = 1 on it as well.
@thomast I have both configured, using the script and the configuration profile. I'm getting mixed results in my environment. Sometimes the computer just won't show the username and password fields. It's really odd behavior, but for the most part, we don't rely on that since we have FileVault enabled. It's only during the initial setup of the machine that the techs see that and couldn't get around it. I told them about @jkaigler's suggestion of using the option + enter to show the fields again, and they seem fine with that.
Is there anything new on this issue? We have a lab with about 30 iMacs all running 10.14.3, all domain-bound. We have always used the config profile to show the username and password fields rather than list of users because in addition to the fact that our users log in with their AD credentials, we would prefer that our local admin not be visible. Recently we've noticed that after the lab computers do their daily reboot, random computers will revert back to showing list of users, which only shows our local admin and then the "other.." option. This is not ideal as we can't expect our users, who are of the general school public, to know that they need to click the "other..." to login using their AD account, and again we would prefer that our local admin is not visible. If we choose to hide admin accounts, then we get the issue described in the OP.
I am also running the
defaults write /Library/Preferences/com.apple.loginwindow SHOWFULLNAME -bool true
command once per computer, but does not seem to have resolved the issue either.
Any help would be much appreciated. Thank you!
This is definitely a Mojave update bug and has nothing to do with anything you're "doing wrong". In my experience this happens to every High Sierra MacBook Air I upgrade to Mojave. The login boxes will be there for 3 seconds. Start typing or you'll get the bug shown by OP. I would just reboot when I was ready to login.
Since we're doing fun keystrokes, Option +5 is infinity ∞
I hate to bring back an old thread but has anyone figured out a way of turning OFF the Fast User Switching icon on the Menu Bar?
After selecting the option to turn on FUS it puts an Unnecessary login option on the Menu Bar is there a way to switch this off via script or preferably the same MDM profile?
Since it is just a simple Terminal command, do this:
Create a new policy and set the trigger and frequency to what is appropriate.
In the Files and Processes payload, add
defaults write /Library/Preferences/.GlobalPreferences MultipleSessionEnabled -bool 'NO'
to the last field, Execute Command. Set your scope and that's it.
CorpIT_eB, I didn't see the icon in the menu bar but I didn't look for the menu icon. I just kicked off another test Mojave erase/install that has this policy scoped to the machine. I'll let you know how it goes. It does completely disable FUS and removes the icon in High Sierra.
Update: Works in Mojave as well.
Just so everyone knows I resolved this problem by double checking system-setting/profiles and seeing if I had any overlapping policies. It turned out that Jamf's database was corrupt and even though the web said one thing it was generating a bad policy and once we got rid of it, it went away.