We have a mixed environment where we use AD for our patient care network and OpenLDAP for our research network.
We had issues with mobile accounts in High Sierra. Since macOS 10.13.1 the mobile accounts work again with AD, but we still have issues with mobile accounts with OpenLDAP. I will try to explain our issue as clearly as possible.
We only use OpenLDAP for user authentication. We use rtrouton's script for OpenLDAP: https://github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/open-ldap_bind_script. This still works and we can log in. As long as the account stays a network account we can log out and log in.
But as soon as the account is converted to a mobile account we cannot log in anymore. We use the command /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -n "$loggedinuser" (where $loggedinuser is defined at the beginning of the script). This has been working from Mac OS X 10.8 till macOS 10.12.6.
The strange thing is that when we upgrade a Mac from macOS 10.12.6 to 10.13.1 the existing mobile accounts work, but a new mobile account cannot log in anymore. Even the 10.13.2 beta doesn't solve the issue.
Has anyone experienced the same issue and found a solution to this problem? We've been trying to see where it goes wrong, but we haven't found any clue in the logs.
