I'm binding a test VM to AD and I'm seeing a message dialog appear when I log in with an AD mobile user account:
A restart is required before continuing.
You must restart and log back in to continue.
There's a Restart button on the window. When I click on it, the VM restarts and I can log in without issues on the second try.
Is this something other people are seeing with Developer Beta 1, or am I the only one so far?
Bug filed for this issue. For those who wish to dupe it, it is bug ID 21420857.
Bug details:
Title: Mac OS X 10.11.0 (15A178w): Restart required before first logging in with AD mobile user account
Summary:
When logging into an AD-bound Mac, where the Apple AD plug-in is active and set to create mobile users, a restart is required as part of a AD mobile account's first login
Steps to Reproduce:
1. Bind Mac running OS X 10.11.0 (15A178w) to Active Directory using Apple's AD plug-in
2. Enable the Apple AD plug-in's "Create mobile account at login" option
3. Disable the Apple AD plug-in's "Require confirmation before creating a mobile account" option
4. Log in at the OS X login window with an AD account which had not previously logged into this Mac
Expected Results:
Login process would appear pause briefly while the AD mobile account's account credentials were cached and home folder was created.
Once AD mobile account's credentials were cached and the home folder was created:
1. The loginwindow would disappear
2. The AD account would be passed into the account's Desktop.
Actual Results:
1. Login process would appear pause briefly while the AD mobile account's account credentials were cached and home folder was created.
2. A message dialog appears which states:
A restart is required before continuing.
You must restart and log back in to continue.
There's a Restart button on the window.
When the Restart button is clicked, the Mac restarts
3. Following restart, the Mac returns to the OS X login window
4. Log in at the OS X login window with the AD account which had not previously logged into this Mac
5. The login window disappears
6. The AD account would be passed into the account's Desktop.
Regression:
Notes:
All testing has been done in VMware Fusion.
My only testing thus far has been with pre-staging mobile accounts. These did not require a restart to reach the desktop.
Wonder if this applies to other directory services, or is limited to AD?
I see the same behavior with LDAP accounts. I have a feeling this is not a bug, but rather, new behavior in 10.11.
If it is new behavior, it's interesting. Has anyone found any changes in the AD setup in terms of increased featureset?
Confirmed results here as well.
This impacts every new mobile AD user.
AD user 1 -> logs in -> must reboot -> login successful.
AD user 1 logs out
AD user 2 -> logs in -> must reboot ->login successful.
This is going to be a nightmare in shared education environments.
I do not get this behavior when using /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount before the user logs in. But if another AD user logs in they are required to restart.
Confirmed here as well (and agreed about the nightmare comment too!) Feedback filed (and hopefully all of the rest of you have done this!)
In my testing, Beta 2 now logs in normally.
