Posted on 10-12-2020 01:24 PM
Our school deploys MacBook Airs that are typically used as shared devices by our students. The student account on the computer fully deletes itself, then recreates itself, every boot. i.e. the sequence is:
1) Computer boot
2) student account and Home Directory wiped
3) student account created again
We've noticed that, now that a number of our students are borrowing computers and using them at home for distance learning, when they boot the student account will sometimes throw errors that say "A keychain cannot be found for handoff-own-encryption-key" and "A keychain cannot be found AppAnonID." From what I've narrowed it down to through testing this only happens when the computer isn't connected to the internet at boot. It unfortunately causes a cascade of issues when it does happen though.
The script we're using to create the accounts right now is:
#!/bin/sh
accountExists=$(dscl . list /Users | grep "student") #if the account exists, this variable will equal the account name
# run loop to test to make sure that student has been deleted
loopCount=1
while [ -n "$accountExists" ]
do #while the folder exists, do this loop
echo "Attempt # $loopCount to delete $accountExists account"
/usr/local/bin/jamf deleteAccount -username "student" -deleteHomeDirectory
sleep 5
accountExists=$(dscl . list /Users | grep "student")
if [ "$loopCount" -ge 13 ]; then
exit 1
fi
((loopCount++))
done
# create student account
/usr/local/bin/jamf createAccount -username "student" -realname "student" -password "xxxxxx" -home "/Users/student"
Which worked consistently before when our computers were connected to our in-school Wifi at all times. We did change over all of our computers to Catalina over this last summer, so I expect that's playing a role as well, but again the script still works as expected when our computers are connected to the internet at boot. Does anyone have any idea what's going on?
As an aside, we've also had an ongoing issue with our laptop cameras being unable to be found by the OS on these computers. It seems sporadic and I haven't been able to pin down what conditions are causing it to happen. It may or may not be related to this keychain issue so I can open a separate ticket if need-be but thought I'd mention in case it's useful context.