Login screen issue with multiple monitors

davelebbing commented 1 week ago

When using multiple monitors in mirror mode and when using Crestron displays, it has been reported that the XCreds login screen can sometimes not display properly and prevent sign in. This issue does not affect the Mac sign in screen if XCreds is removed.

rodchristiansen commented 1 week ago

Our Issues with XCreds on Multiple Displays and Crestron-Connected Macs

We have encountered several issues with XCreds implementation on Macs connected to external displays, multiple monitors, and projectors, especially in complex classroom setups and exhibition areas, key points:

Display Problems on Instructor Stations: In lab environments, the XCreds login screen appears only on projectors when attached, rather than the main display. Most of the time both displays are black. This issue affects instructor stations in the four main Mac labs.
Complex Classroom Environments: In spaces such as theatre and boardroom, there are black screens across all connected displays, including the main monitor. We believe the Crestron systems installed in those rooms, but further testing is needed to confirm.
Mac Minis with External Displays: On Mac Minis, both single and multiple external displays sporadically show black screens, indicating a broader issue with display handling when XCreds is enabled.

Sorry I don't have a ton of helpful info as it is hard to troubleshoot. Happy to provide any logs or data I can. I'd would upload a video but essentially picture a Mac with a black screen and a projector with a black screen.

Attaching info from running over ARD for displayplacer list and system_profiler SPDisplaysDataType on a few different Macs, the machines with -01 are instructor stations connected to a Crestron external AV system, they report it as "36 or 84 inch external screens". All machines we have connected to Crestron are the ones with issues that we've had to pull XCreds from.

system_profiler SPDisplaysDataType.txt

displayplacer list.txt

davelebbing commented 5 days ago

@rodchristiansen could you attach or send us your XCreds mobileconfig settings? Please remove any sensitive account related settings. The other settings may help us analyze this.

rodchristiansen commented 3 days ago

@davelebbing here's our mobileconfig:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>PayloadContent</key>
        <array>
            <dict>
                <key>PayloadDescription</key>
                <string>Configures XCreds configuration preferences</string>
                <key>PayloadDisplayName</key>
                <string>XCredsPrefs</string>
                <key>PayloadIdentifier</key>
                <string>ca.ecuad.macadmins.XCredsPrefs.69EC6875-09A3-499D-9AE4-ACDA846CA849</string>
                <key>PayloadOrganization</key>
                <string></string>
                <key>PayloadType</key>
                <string>com.twocanoes.xcreds</string>
                <key>PayloadUUID</key>
                <string>1CC3DC0A-476F-4C93-A1B4-8888C04C8156</string>
                <key>PayloadVersion</key>
                <integer>1</integer>
                <key>clientID</key>
                <string>CLIENT_ID_FROM_TWO_CANOES</string>
                <key>discoveryURL</key>
                <string>https://login.microsoftonline.com/AZURE_TENANT_ID/.well-known/openid-configuration</string>
                <key>redirectURI</key>
                <string>https://127.0.0.1/xcreds</string>
                <key>loginWindowHeight</key>
                <integer>500</integer>
                <key>loginWindowWidth</key>
                <integer>500</integer>
                <key>loginWindowBackgroundImageURL</key>
                <string>file:///Library/Management/LoginCampusBackground.jpg</string>
                <key>cloudLoginText</key>
                <string>Sign in using MyEC account</string>
                <key>LocalFallback</key>
                <true/>
                <key>shouldShowVersionInfo</key>
                <false/>
                <key>shouldPreferLocalLoginInsteadOfCloudLogin</key>
                <false/>
                <key>shouldShowCloudLoginByDefault</key>
                <true/>
                <key>shouldShowShutdownButton</key>
                <false/>
                <key>shouldShowConfigureWifiButton</key>
                <false/>
                <key>shouldAllowKeyComboForMacLoginWindow</key>
                <true/>
                <key>shouldShowMacLoginButton</key>
                <false/>
                <key>shouldSwitchToLoginWindowWhenLocked</key>
                <true/>
                <key>autoRefreshLoginTimer</key>
                <integer>60</integer>
            </dict>
            <dict>
                <key>PayloadContent</key>
                <dict>
                    <key>com.twocanoes.xcreds</key>
                    <dict>
                        <key>Forced</key>
                        <array>
                            <dict>
                                <key>mcx_preference_settings</key>
                                <dict>
                                    <key>LicenseFile</key>
                                    <data></data>
                                    <key>LicenseFileBase64</key>
                                    <string></string>
                                </dict>
                            </dict>
                        </array>
                    </dict>
                </dict>
                <key>PayloadEnabled</key>
                <true/>
                <key>PayloadIdentifier</key>
                <string>ca.ecuad.macadmins.XCredsPrefs.CF991ACB-ACE3-4A25-9CAB-ADCDD6775B8A</string>
                <key>PayloadType</key>
                <string>com.apple.ManagedClient.preferences</string>
                <key>PayloadUUID</key>
                <string>b7781f18-5bcb-4cd9-9b34-87fc72b252ae</string>
                <key>PayloadVersion</key>
                <integer>1</integer>
            </dict>
        </array>
        <key>PayloadDisplayName</key>
        <string>XCredsPrefs</string>
        <key>PayloadIdentifier</key>
        <string>ca.ecuad.macadmin.XCredsPrefs</string>
        <key>PayloadOrganization</key>
        <string>Emily Carr University</string>
        <key>PayloadScope</key>
        <string>System</string>
        <key>PayloadType</key>
        <string>Configuration</string>
        <key>PayloadUUID</key>
        <string>9EE1D65C-F789-457E-ACBA-99CF8194592E</string>
        <key>PayloadVersion</key>
        <integer>1</integer>
    </dict>
</plist>

davelebbing commented 3 days ago

@rodchristiansen I'm wondering if this issue could relate to possible complications around the loginWindowBackgroundImageURL setting depending on status of the background image file availability on various machines. Let me know if removing it results in any change of behavior.

                <key>loginWindowBackgroundImageURL</key>
                <string>file:///Library/Management/LoginCampusBackground.jpg</string>

davelebbing commented 2 days ago

@rodchristiansen we are wondering if there could be a conflict with the utility you are using called displayplacer. It may be helpful to try checking if the monitor issue occurs when using XCreds and displayplacer is disabled.

rodchristiansen commented 1 day ago

Hey @davelebbing, regarding your questions, I don't think either are causing it.

The background image comes from a .pkg that is a dependency in Munki for Xcreds and they are there cuz unplugging from AV system shows the login window.

We aren't using displayplacer on any of the machines having the issue. There's one area of the university we use it with an outset login-every script due to specific monitors, but that's it, about 5 machines only and they are fine on the Xcreds end of things.

Let me know if there's anything else that could help

twocanoes / xcreds

Login screen issue with multiple monitors #271