Problem creating additional accounts on Catalina

jlococo
New Contributor II

Not sure if anyone else is running into this, but when creating a new local account through Users & Groups in Catalina, that account when logging in receives messages that it cannot access or create a new keychain. If I try to access the keychains folder under ~/Library it says not authorized to access folder, and Keychain Access shows no "login" keychain and doesn't allow creation of another.

The fix is to right click on the keychains folder in finder and give the user "read/write" permissions instead of "custom"

Logging out and logging back in seems to set everything to normal and then checking in Keychain Access the login keychain is now visible

This isn't an issue with the hidden admin account account created during pre-stage enrollment nor the account created during initial setup during enrollment.

I've only noticed this problem in Catalina. Our Mojave machines don't have this problem.

1 REPLY 1

kburns
New Contributor III

I have not seen this specific issue yet, however, I have noticed the problem of the admin account not being created during pre-stage enrollment. As a result, FileVault isn't enabled at login with our Jamf Connect + LAPSUser workflow. It works fine in Mojave, but not Catalina. (Note: I also have the TCC profile for Catalina set up as part of our pre-stage so that's not the issue)