If the service account is not repaired on these devices, future users added to the machine will not be able to decrypt the disk successfully during login and the JumpCloud agent will be unable to successfully take over existing accounts. JumpCloud has identified a problem on certain macOS devices where the JumpCloud Service Account is unable to perform necessary tasks related to user management. Secure token is invalid due to an invalid local or disk password.Keep in mind that Apple only allows an organization to register one MDM solution.Ī macOS device might have an Invalid status because of any of these situations: Register JumpCloud as your MDM server of choice with Apple.Remove the macOS system from the MDM policy.In the meantime, we recommend you use one of the following workarounds: We know this is an issue and are working to resolve it. The JumpCloud Service Account generates a very long random password, so when your MDM solution tries to apply a complex password policy, the random password may fail and stop the account from being created. The JumpCloud Service account fails to be created. The system is running macOS system version 10.13 or higher.You register your Apple Mobile Device Management (MDM) server of choice as something other than JumpCloud (some other solution you use alongside JumpCloud).Known Issue: MDM Password Policy Conflict If you’re installing the JumpCloud Mac agent and encounter a failure to create the service account, it may be due to the service account’s restrictions. It doesn’t have a valid home directory.It doesn’t have an accessible password.The service account provides security-level services to other JumpCloud managed user accounts and has the following restrictions: Rotate the FileVault Recovery Key when using the JumpCloud macOS FileVault 2 Policy.Provide new users with SecureTokens to authorize FileVault access.When you install the JumpCloud agent on a macOS system, it silently creates this system account to: JumpCloud uses a service account on macOS systems to let users unlock FileVault encryption.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |