Closed mrmte closed 5 years ago
rtrouton
commented
5 years ago I'm guessing that the issue is the . in the middle of support.engineering2. The script isn't set up to work with accounts that have special characters in the account name.
mrmte
commented
5 years ago No the problem was the password migration function needed to go before the delete commands otherwise it still leaves the localcached user in the AuthentinticationAuthority.
After I moved it before, then it worked.
I have recently tried the latest script to convert a 10.12.4 machine with a cached mobile account to a local account. In the gui all looks well and shows up as a standard account but the script reports back that it is still a mobile account.
"Something went wrong with the conversion process. The support.engineering2 account is still an AD mobile account."
looking at the account i ran this
/usr/bin/dscl . -read /Users/theaccount AuthenticationAuthority
which gave this result showing it still has Active Directory attributes
AuthenticationAuthority: ;LocalCachedUser;/Active Directory/DOMAIN/CORP_DOMAIN:theaccount