Mac User Profile Locked/Disabled – Resolution Guide
Issue Summary
Name: Mac User Profile Got Locked/Disabled
Possible Reasons for Locked/Disabled Account
1. Exceeding the allowed number of incorrect password attempts.
2. Jumpcloud password doesn’t match the local account. it may trigger a lockout
3. Expired password + failed login attempts.
4. Some time when you entered the wrong password and restart the device and try again to entering the password that time account will be disabled.
Observed Behavior
At the login screen, the user is denied access with a message like:
-
“Your account has been locked.”
-
“Your account has been disabled.”
JumpCloud Sync Behavior.
1. Locked-out State:
a) Synced with JumpCloud.
b) The JumpCloud agent actively monitors user login attempts and lockouts.
2. Disabled State:
a) Not synced with JumpCloud.
b) macOS may disable accounts due to internal security policies, SecureToken/FileVault issues, or local user corruption.
Resolution for Locked-Out Accounts
1. Automatic unlock after the time that is set in jumpcloud Admin Console.
2. Manual Unlock via Admin Console
Log into the JumpCloud Admin Portal
Go to home option.
Locate the User Lockout's and Unlock the User
Resolution for Disabled Accounts
Option 1: Using Another Local Admin Account
a) Log in using the local admin account.
b) Open System Settings > Users & Groups.
c) Select the user whose password needs to be changed. Click on i icon
d) Click “Change Password” or “Reset Password”.
e) Enter and confirm the new password.
Step 2: Boot into macOS Recovery. (M1/M2/T2/Intel Mac)
On an M1/M2 Mac:
1.Click the "Shut Down" button to turn off your Mac.
2.Wait until it's completely powered off.
3.Press and hold the power button until you see "Loading startup options."
4.Click Options > Continue.
On an Intel-based/T2 Mac:
1.Click "Shut Down" to power your Mac off.
2.Press the power button, then immediately press and hold the Command + R keys until you see the Apple logo.
If FileVault is enabled on your Mac:
When FileVault is turned on on your Mac, you'll need to enter the admin password for your admin account before you can access Terminal. Since you don't have the correct password, you can take the steps below to reset the password
1.Shut down your Mac, then boot into Recovery Mode.
2.You will see the accounts and if you don't know the password of any account. Click on Forgot all passwords?
3. After that you need to enter the recovery key.
If you have enabled the FileVault Policy through JumpCloud, follow the steps below to locate the recovery key in the Admin Console
1.Log in to JumpCloud Admin Portal:
2.Navigate to Devices:
3.Find the Mac Device:
4.In the "Highlights" section under the Device Overview, you will see the recovery key if it has been escrowed.
5. Enter the recovery key – A pop-up will appear. Click on “Reset Password.”
6. Select the user account – You will see a list of user accounts. Choose the account for which you want to reset the password.
6. Set a new password – Enter and confirm the new password for the selected account.
7. Once authentication is successful, click on “Exit Recovery.”
8. Restart the device, then log in the new password for the account you just updated.
Note: This password is not yet updated in JumpCloud. It is a temporary password used to log in to your account one time.
After successfully logging in, you will see a pop-up notification on the right side of the screen, and the JumpCloud icon in the menu bar will display a red dot.
You will need to confirm your password through this prompt to synchronize it with JumpCloud.
a) Click on "Confirm Now"
b) After that need to confirm YOUR JUMPCLOUD PASSWORD.
c) Click Next – your password will now be updated. The password you confirm at this step becomes both your JumpCloud account password and your device login password.
If you are using an Apple Silicon macOS device, please follow the provided link to resolve account disablement or lockout issues.
If your account is completely disabled on your macOS device, please use the link below to re-enable the profile.
Thank you
Related Articles
Deleting Unwanted User Profiles from macOS and Windows using JumpCloud
Deleting Unwanted User Profiles from macOS and Windows using JumpCloud Overview This guide provides steps to identify and remove unwanted/suspended user profiles from macOS and Windows systems through JumpCloud Commands. It ensures that only the ...Add users to a user group in bulk Using a CSV File from PowerShell
Add Users to a User Group in Bulk using Powershell Step 1 Install the JumpCloud Module on your Powershell ( Windows/ MAC ) Install JumpCloud on Windows. Open Powershell as Administrator. Run this cmd -> Set-ExecutionPolicy -ExecutionPolicy ...Deploy Netskope Client for Mac using Jumpcloud MDM
Silent deploy the Netskope Client on Mac devices using IDP enrollment mode with Jumpcloud MDM Prerequisite: SAML Forward Proxy integration with Jumpcloud as an IDP must be configured prior to deploying the Netskope Client Configuration Steps 1 - ...Set password expiration for users currently marked as 'Password Never Expires' in bulk (User Group Base) from Powershell
Set password expiration for users currently marked as 'Password Never Expires' in bulk Step 1 Install the JumpCloud Module on your Powershell ( Windows/ MAC ) Install JumpCloud on Windows. Open Powershell as Administrator. Run this cmd -> ...Mac - Generic DMG Installer - JumpCloud
Name Mac - Generic DMG Installer - JumpCloud Content- #!/bin/bash # *** USAGE *** Version: 1.2 # *NOTE* this template is only designed to work with DMG files and does not support .pkg, .zip files or DMGs that contain .pkg installers. # Update the ...