Managed Client: Mobile accounts are not removed after the account expiration time is reached

A mobile account may not be removed following the specified expiration time in Workgroup Manager, after logging in the first time. This can occur when a mobile user has logged into a computer only once.

Log out and then log back in a second time on the same computer.

This will reset the last login date and will allow the mobile account to be removed once the expiration time is reached.

Learn more

The last login date is recorded in the /var/db/shadow/hash/uuid.state file. After the first login on a client this date may be set to an incorrect time. For example:

<key>LastLoginDate</key>

<date>1899-12-31T00:00:00Z</date>

 

Logging in a second time on the same computer will properly set the last login date and allow the account to be removed once the expiration time is reached.

Last Modified:
Helpful?

Additional Product Support Information

Start a Discussion

in Apple Support Communities
See all questions on this article See all questions I have asked
United States (English)