You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: maison2002
maison2002 Author
User level: Level 1
11 points

Deleting User Accounts

Hi there, I work for a school and we have recently reimaged a macbook pro for general use. We have a server which allows us to login using individual usernames and passwords. Heres where the problem comes in, the mac seems to need a user account, but we do not want that as it forces the user to login to that user account first, before going to the login screen to login as themselves. We are able to delete every account but the last admin account.


We cannot allow staff/users to have the password to the admin account as we do not want them (specifically kids) to be able to do things on the mac as an administrator.


Is there any way to either delete the admin account or to disable the login for the admin account and go straight to the login screen for our server logins?


MacBook Pro (15-inch, 2017)

macOS High Sierra v10.13.6

MacBook Pro with Touch Bar

Posted on Apr 20, 2021 7:20 PM

Reply
Question marked as Top-ranking reply
User profile for user: maison2002
maison2002 Author
User level: Level 1
11 points

Posted on Apr 21, 2021 7:43 PM

Ok! After some playing around I've figured out that on macOS (at least High Sierra), that you are unable to have the bootup login screen include network logins while you have FileVault turned on.


This is because the initial sign in screen is simply to mount the drive using admin privileges, which of course without FileVault, isn't necessary to access the hard drives data and start the OS completely. After disabling FileVault, we are now able to sign in using our network logins from bootup.


Is there any serious security flaws while having FileVault off?

View in context

Similar questions

15 replies
Question marked as Top-ranking reply
User profile for user: maison2002
maison2002 Author
User level: Level 1
11 points

Apr 21, 2021 7:43 PM in response to BDAqua

Ok! After some playing around I've figured out that on macOS (at least High Sierra), that you are unable to have the bootup login screen include network logins while you have FileVault turned on.


This is because the initial sign in screen is simply to mount the drive using admin privileges, which of course without FileVault, isn't necessary to access the hard drives data and start the OS completely. After disabling FileVault, we are now able to sign in using our network logins from bootup.


Is there any serious security flaws while having FileVault off?

Reply
User profile for user: TheLittles
TheLittles
User level: Level 10
197,039 points

Apr 20, 2021 8:44 PM in response to maison2002

maison2002 Said:

"Deleting User Accounts: Is there any way to either delete the admin account or to disable the login for the admin account and go straight to the login screen for our server logins?"

-------


Two Thoughts on that Question:

A. Try this Post, and its Answer: Network user accounts not displaying on log in screen - User Community. It is a 2018 post, but it might do the job.


B. Use of Terminal in Recovery Mode:

If someone can get in to Recovery Mode, and then use Terminal, then they can see the admin (and other) users.

The Command:

dscl . list /Users
Reply
User profile for user: TheLittles
TheLittles
User level: Level 10
197,039 points

Apr 20, 2021 9:03 PM in response to maison2002

maison2002 Said:

"Deleting User Accounts: Unfortunately that didn't work. The active directory appears to be setup and configured correctly, but still does not provide the option to login using a network login from boot."

-------


Once Last Thought:

Try Researching via this Google Search Queue: allintext:network accounts login screen site:discussions.apple.com


Single Out Results:

Add some other keywords, keeping the site:discussions.apple.com part at the end of the search queue. That will bring the answer results down in quantity.


Screenshot:

Reply
User profile for user: TheLittles
TheLittles
User level: Level 10
197,039 points

Apr 20, 2021 8:08 PM in response to maison2002

maison2002 Said:

"Deleting User Accounts: Hi there, I work for a school and we have recently reimaged a macbook pro for general use. We have a server which allows us to login using individual usernames and passwords. Heres where the problem comes in, the mac seems to need a user account, but we do not want that as it forces the user to login to that user account first, before going to the login screen to login as themselves. We are able to delete every account but the last admin account.[...]"

-------


Two Main Thoughts:


Try Another Browser:

Note that Safari is not always operational with all sites. Typically, you see this with Educational Institutions(schools) and private sites(i.e. Absolute Software). To try Mozilla Firefox, or Google Chrome to see if all logins is successful.


If of No Success:


Talk to your Web Master: They are the one(s) who manage(s) your technology devices.

Reply
User profile for user: maison2002
maison2002 Author
User level: Level 1
11 points

Apr 20, 2021 8:12 PM in response to TheLittles

Hi mate, I think you may have misunderstood my question. I'm referring to logging onto the system itself. This is before any browsers are involved. I am one of the IT admins here and I'm trying to figure out macOS (first time using mac) as we want to use this macbook for general use. Every thing else is operational, besides the fact I am unable to set the login screen to use our active directory, instead of local users.

Reply
User profile for user: maison2002
maison2002 Author
User level: Level 1
11 points

Apr 20, 2021 8:40 PM in response to maison2002

This is simply because the image that is used for schools in our state seems to not be so optimized for macOS. For windows, the image forces you to login straight after booting with an account that is on the active directory server. For macOS, the active directory accounts still work, but getting to the point where you're logging in with one of those accounts isn't optimal as we need to login to a local account first.

Reply

Deleting User Accounts

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up