cancel
Showing results for 
Search instead for 
Did you mean: 

Mac JumpCloudService account App Failed (Solved)

Fulgubbe
Novitiate III

Hi Community! 

Still had quite a few Macs with "Need attention" status after failed attempts running the create service account app introduced in latest agent update.

After some trial and error I realized that somewhere on the way the affected users token passphrase had got out of synch and this is how I solved it (fix maybe can be implemented in the app but this is a workaround for now).

Step 1 - Check the Securetoken status of the Account sysadminctl -secureTokenStatus username_goes_here

Step 2 - Once the Securetoken is enabled for Account, execute the below commands
sudo fdesetup list | grep $USER #where $user is the name of the user out of sync
It will return

USER,27E97FDA-252E-1D28-97E2-E11278DB2D21
then copy the long UUID and enter:

diskutil apfs changePassphrase disk1s1 -user 27E97FDA-252E-1D28-97E2-E11278DB2D21
You will be prompted for the old password and the current password.
It will return Passphrase successful.

Step 3 - Reboot computer and login with Jumpcloud pass then launch the JumpCloudServiceAccount app from application and create the service account as intended. 

Credits for Token sync fix to: 

https://community.jamf.com/t5/jamf-pro/a-reliable-fix-for-filevault-2-password-sync-issue/m-p/234241

2 REPLIES 2

BScott
Community Manager Community Manager
Community Manager

This is great! Thank you for sharing.

Like someone's post? Give them a kudo!
Did someone's answer help you? Please mark it as a solution.

simonbh-cbu
Novitiate II

What if you do not know the old password?

You Might Like

New to the site? Take a look at these additional resources:

Community created scripts

Keep up with Product News

Read our community guidelines

Ready to join us? You can register here.