Migrate AD mobile account to local
mrmte opened this issue · 2 comments
I have recently tried the latest script to convert a 10.12.4 machine with a cached mobile account to a local account. In the gui all looks well and shows up as a standard account but the script reports back that it is still a mobile account.
"Something went wrong with the conversion process.
The support.engineering2 account is still an AD mobile account."
looking at the account i ran this
/usr/bin/dscl . -read /Users/theaccount AuthenticationAuthority
which gave this result showing it still has Active Directory attributes
AuthenticationAuthority:
;LocalCachedUser;/Active Directory/DOMAIN/CORP_DOMAIN:theaccount
I'm guessing that the issue is the . in the middle of support.engineering2. The script isn't set up to work with accounts that have special characters in the account name.
No the problem was the password migration function needed to go before the delete commands otherwise it still leaves the localcached user in the AuthentinticationAuthority.
After I moved it before, then it worked.