Hi,
I have seen a few posts around this subject but not really seen an answer for my scenario.
I have a mix of DEP deployed Mac’s and manually enrolled ones. They all have Filevault enabled. For the DEP ones there is a policy which creates the user account. This is an Admin account for the user and uses the %username% variable. We have a default password which the user then changes once they have logged in for the first time.
Now, I want to create an Admin account which will allow us to reset local passwords, because the Local Accounts section will not allow this. If I try and create a new local account it needs the admin credentials for the machine to do this and I’m not about to do this manually for 100+ machines and ask the users for their local passwords, obviously.
So, how can it be done?
Thanks