I have the problem that for some time now password changes for the mobile account have not been working properly. The passwords are changed via the Active Directory and the password is also synced to the devices, but it is not changed completely. Instead of one password prompts upon login there are now two. The first one which accepts the old password and the a second one which accepts the new password. It seems that the first password unlocks the hardware and the second one the account. Before it was all done by the same password. Also I should mention that if I change the network password again, it will only affect the second password (that was the new one in the first place, the old password always stays.
Anyone have any experience with this?
Thanks for the help!
In our case, our Active Directory is on-premise and our network relies on a VPN connection to talk back to AD as everyone is working from home still. If this VPN connection breaks during the change or sync back to Active Directory we notice the two password issue.
We have a few fixes, but it would be good to find out how your connection is established first. On a Mac when you open System Preferences, Users & Groups and then click Login Options does it show a Network Account Server connected here?
Hmm okay, sorry to say I might be out of ideas here.
It could still be the connection between AD and the end user, although the password change goes through maybe the connection does not stay stable enough to sync back to the device. The issue with passwords syncs is one I hate - the main reason we're looking at jamf Connect.
Sorry I couldn't help anymore!