Help

Problem deleting local account

MBrownUoG
Contributor

Posted on ‎07-26-2018 08:18 AM

Hello folks.

I have a bit of a mystery here. When we first provision our student Macs, we set them up with a local account which is then deleted as various policies and stages kick in and they are joined to AD. However I noticed on a recent Macbook formatted to APFS, the temporary "mac" user persists even through the delete command issued by Jamf.

Logging in locally, I'm issuing the following command and getting the following error:

sudo dscl . delete /Users/mac
DS Error: -14120 (eDSPermissionError)

I can see a fix regarding some directory utility tweaks and fiddling, but was hoping if this is going to be prevalent that I could maybe script something instead. Has anybody else had similar issues?

0 Kudos
5 REPLIES 5

ryan_ball
Valued Contributor

Posted on ‎07-26-2018 08:40 AM

What happens when you try this:

sudo jamf deleteAccount -username "mac" -deleteHomeDirectory
0 Kudos

MBrownUoG
Contributor

Posted on ‎07-26-2018 08:53 AM

No errors when I run that command, but the account is still there. If I go into directory utility I can see it listed, and if I click to delete it from directory utility there are no errors also, but nothing changes. It's indestructible!

I formatted the drive again earlier and rebuilt the Mac with the same process, same outcome. The account is created as part of the prestage enrollment step, and later deleted with a "local account" policy through Jamf. This works a treat normally, but seemingly not on High Sierra with APFS.

0 Kudos

dfarnworth_b
New Contributor III

Posted on ‎07-31-2019 06:45 AM

Did you find any solution/answer to what was going on? We have a policy that is supposed to remove a local account, but in about 30% of cases the policy runs, supposedly successfully, but the account persists. There are no errors from the policy.

0 Kudos

sshort
Valued Contributor

Posted on ‎07-31-2019 06:54 AM

Check out this post, there were some changes to secureToken starting in 10.14.2 that can prevent you from deleting a local account under certain scenarios: https://travellingtechguy.eu/mojave-10-14-2-and-secure-tokens-it-works/

0 Kudos

L3nny5
New Contributor III

Posted on ‎04-15-2020 07:23 AM

I'm having the same issue. Anybody figured out what the problem is/was?

0 Kudos