Skip to main content
Question

Problem deleting local account

  • July 26, 2018
  • 5 replies
  • 11 views
M
Forum|alt.badge.img+6

Hello folks.

I have a bit of a mystery here. When we first provision our student Macs, we set them up with a local account which is then deleted as various policies and stages kick in and they are joined to AD. However I noticed on a recent Macbook formatted to APFS, the temporary "mac" user persists even through the delete command issued by Jamf.

Logging in locally, I'm issuing the following command and getting the following error:

sudo dscl . delete /Users/mac
DS Error: -14120 (eDSPermissionError)

I can see a fix regarding some directory utility tweaks and fiddling, but was hoping if this is going to be prevalent that I could maybe script something instead. Has anybody else had similar issues?

    5 replies

    R
    Forum|alt.badge.img+19
    • ryan_ball
    • Contributor
    • July 26, 2018

    What happens when you try this:

    sudo jamf deleteAccount -username "mac" -deleteHomeDirectory
    M
    Forum|alt.badge.img+6
    • MBrownUoG
    • Author
    • Contributor
    • July 26, 2018

    No errors when I run that command, but the account is still there. If I go into directory utility I can see it listed, and if I click to delete it from directory utility there are no errors also, but nothing changes. It's indestructible!

    I formatted the drive again earlier and rebuilt the Mac with the same process, same outcome. The account is created as part of the prestage enrollment step, and later deleted with a "local account" policy through Jamf. This works a treat normally, but seemingly not on High Sierra with APFS.

    D
    Forum|alt.badge.img+8
    • dfarnworth_b
    • Contributor
    • July 31, 2019

    Did you find any solution/answer to what was going on? We have a policy that is supposed to remove a local account, but in about 30% of cases the policy runs, supposedly successfully, but the account persists. There are no errors from the policy.

    S
    Forum|alt.badge.img+15
    • sshort
    • Valued Contributor
    • July 31, 2019

    Check out this post, there were some changes to secureToken starting in 10.14.2 that can prevent you from deleting a local account under certain scenarios: https://travellingtechguy.eu/mojave-10-14-2-and-secure-tokens-it-works/

    L3nny5
    Forum|alt.badge.img+8
    • L3nny5
    • Contributor
    • April 15, 2020

    I'm having the same issue. Anybody figured out what the problem is/was?

    Terms & ConditionsCookie settingsAccessibility statement