In a business (remote) environment, it’s extremely useful so the device can connect back with the MDM console so I can (easily) get the employee back into their laptop after they lock themselves out of the account.
Without it, I have to do annoying shit like walking them through dropping into Single-user mode or some shit. Very annoying and a 5 minute process just became like a 1-2 hour ordeal depending on user skill level.
I’m just curious here, but what are your Mac users doing to lock their accounts so often that this has become such a recurring pain point?
I feel for you, ever since I got approval to move all our mac’s to kandji for management, I have less issues reported from Mac users than windows users.
you asked why it happens so often, I provided a possible explanation.
just yesterday we had a similar case where a usb ethernet adapter wouldn’t work on a locked device due to a similar issue, even if that one may be more logical.
especially when you have to follow an outdated password policy where people have to change their passwords at regular intervals you’ll have such cases more frequently than when they only need to set it once until a suspected compromise.
Without remote access and the user locked out that can only be done through the MacOS recovery mode, if I’m already walking them through that mess might as well just reset their main account
I typed an ironic comment into my last answer about exactly such a scenario but deleted it, assuming a local login would still be possible. Like a domain login where on a failed attempt to establish connection during login would load a local profile that would be synced upon connection.
I honestly don’t see a reason why I would need to connect to a WiFi from the lock screen.
For personal usage, there isn’t
In a business (remote) environment, it’s extremely useful so the device can connect back with the MDM console so I can (easily) get the employee back into their laptop after they lock themselves out of the account.
Without it, I have to do annoying shit like walking them through dropping into Single-user mode or some shit. Very annoying and a 5 minute process just became like a 1-2 hour ordeal depending on user skill level.
why not just use jamf or something
I’m just curious here, but what are your Mac users doing to lock their accounts so often that this has become such a recurring pain point?
I feel for you, ever since I got approval to move all our mac’s to kandji for management, I have less issues reported from Mac users than windows users.
the larger a company the more cases you’ll have in absolute numbers, even if the relative numbers stay the same
I understand and agree with you but I’m a bit confused, is that in reference to part of my comment?
you asked why it happens so often, I provided a possible explanation.
just yesterday we had a similar case where a usb ethernet adapter wouldn’t work on a locked device due to a similar issue, even if that one may be more logical.
especially when you have to follow an outdated password policy where people have to change their passwords at regular intervals you’ll have such cases more frequently than when they only need to set it once until a suspected compromise.
You could turn on the guest account
Without remote access and the user locked out that can only be done through the MacOS recovery mode, if I’m already walking them through that mess might as well just reset their main account
Before they get locked out, I mean of course
I typed an ironic comment into my last answer about exactly such a scenario but deleted it, assuming a local login would still be possible. Like a domain login where on a failed attempt to establish connection during login would load a local profile that would be synced upon connection.
Yea, I have practically infinite options on Windows
But on MacOS those options are limited and rigid, this is why Windows will probably never be dethroned in the business space lol