Jamf Nation Community

This isn't a Jamf issue, it's an AD bind issue following the High Sierra upgrade. You need to get your Mac on a network that can talk to AD. Then you'll be able to log in...

There has been a bug identified with High Sierra bug and Active Directory logins using mobile homes. It was discussed on the #enterprise-connect channel of macadmins slack.

Had the same problem logged in with the local admin remove the device from the domain and removed the MDM profiles I was able to login fine with moble accounts. Rebound everything and re pushed all the policy device is good to go.

After updating a couple machines to High Sierra, the same log in issue took place in our institution. The machines are bound to AD and connected with profiles to JAMF. Removing the AD bind and adding back did not correct the issue for us. After trying to log into some other machines/services unsuccessfully, it appeared the AD password had become incorrect. We logged into AD and set the user's AD password to the current password it should be. The users can now log into their machines and services they had been locked out of.

It is strange to say, but it seems the High Sierra update changed the set AD password of the user that performed the update on that machine in our case.

Same issue happened to me. What's different is that even taking it to work and connect to ethernet connection, the login still didn't work.
Took it to IT admin, they looked into it and was unable to login as the admin account is also a network account.

Anything else I can try besides removing the ssd? (2015 macbook pro)

Same thing happened to me. Cannot login after upgrade to high sierra, even if I hardwire to corp network. There is no local account on the machine and IT admin is not able to login either.

Need some serious help!

@SalimUkani The issue is i cant login.

Just checking with the above, there was an issue with OS X 10.13.0 and .1 that stopped mobile AD accounts from working. If you're on 10.13.2+ you shouldn't be seeing the above issue.

Got to make sure clients don't have 10.13.0/1 already sitting in their /Applications folder if you ever allow the upgrade via the App Store to go through.

@Anttip @jeremy.rodrigues I had the same exact problem, I created a new admin account, modified whatever needed to be modified, made sure everything i needed to work / accounts could login, then removed the admin account i created.

Follow these steps:

Start up the Mac whilst holding down ⌘-S. After a few moments, you'll see the Mac boot to the command line.

Before continuing, the filesystem must be checked and mounted, so files are't immediately accessible to interact with. To do this, enter the two commands that are displayed within the prompt, one at a time.

The following command will check the filesystem to ensure there are no problems. Enter:

/sbin/fsck -fy

The next command will then mount the filesystem for it to be accessible:

/sbin/mount -uw /

With the filesystem mounted and accessible, it's time to remove the file so OS X will re-run Setup Assistant:

rm /var/db/.AppleSetupDone

After that, simply enter reboot and your Mac will restart and boot normally. Only this time, Setup Assistant will launch after you login.

you should have a management account if it's enrolled in JAMF??

use that..

@SalimUkani

The issue was Centrify the AD tool broke when upgrading. The ones updated had to be rebuild. For the ones still on sierra, we uninstalled Centrify, then updated without issue.