KEXTs and Big Sur a big issue!Solved

Participant
Discussion
4 years ago

Anyone seen this error “Recovery is trying to change system setting. No Administrator was found.”

I ran into this on my Big Sur Mac. The first boot after the enrollment worked fine. It was on the next one I came across it.

We’ve contacted Apple support and they’ve claimed to replace it.

Meanwhile it was good to have a solution to resolve this.

Replies (6)

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

We’d some of these kernel extensions installed using policy. But the thing is the FileVault 2 user is a non-admin user.
I’m doubting if the KEXTs are causing this issue on Big Sur or if the non-admin user account>

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

I have seen this before. It was when we were re-installing macOS from Utility.

I guess there are similar reported cases in Apple’s discussions as well.
https://discussions.apple.com/thread/8486592

Marked SolutionPending Review
Hexnode Expert
4 years ago
Marked SolutionPending Review

Hi @fleur and @Denise,

Thanks for reaching out,

Many Apple users have reported this error while rebooting macOS devices. And this question is seen to have been raised directly in the Apple discussions. While it’s not uncommon, the solutions or workarounds that solved this issue varied with users. So, we cannot arrive at an exact solution.

Yet, some of the standard solutions that worked for the users are:

  • Try enabling FileVault and disabling it.
  • Restore the Mac using DFU mode.
  • Remove the KEXTs policy associated with the devices.
  • Disable FileVault encryption on the device (if FileVault 2 is enabled) already. Change the security level to Reduced Security. Turn on the encryption.

Attempting any of these methods can help. Don’t hesitate to get in touch with AppleCare for Enterprise support if anyone has this issue persists. Also, you are free to contribute to the solutions that work for you.

@fleur Try the above methods until you’re equipped with your replacement Mac. ?

Your instincts for Big Sur and issues with Kernel Extensions can also be accurate.

Specific KEXTs are not supported on macOS Big Sur. Therefore, KEXTs that use deprecated KPI does not load. Instead, you can use system extensions to factor out deprecated components.

Good luck!

Catherine George
Hexnode UEM

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

This worked for me.

  1. Boot the macOS device to recovery mode.
  2. Open Terminal.
  3. Execute the command: resetpassword. 
  4. Just click on the background to the side of Reset Password window. Recovery Assistant > Erase Mac.
  5. Chooe Erase Mac and click Erase Mac again to confirm. The device restarts automatically.
  6. If they are on 11.0.1 it will automatically reboot after erasing. After rebooting select wifi appears. It asks the user for activation. Once activation completes, choose the option Exit to Recovery Utilities.
  7. If activation failed, make sure they are connected to the internet via their Wifi icon. Once activation is done, you can see the normal restore options. Choose reinstall macOS Big Sur.”
Marked SolutionPending Review
Participant
3 years ago
Marked SolutionPending Review

It can also occur with a user account does not have a secure token. Change it to local admin account so that secure token can be granted. And it was resolved for me.

Marked SolutionPending Review
Participant
3 years ago
Marked SolutionPending Review

Here, rebooting to the recovery mode gave us “no admin found” error. What we did was we

  • rebooted back to OS.
  • Turned off FV2 encryption.
  • On terminal

    su $administrator (any filevault2 user)

    sudo fdesetup disable

    sudo sysadminctl -adminUser $administrator -adminPassword – -secureTokenOn $USER -password ($user= username)

    sudo fdesetup enable

    sudo diskutil apfs updatePreboot

    sudo sysadminctl -adminUser $administrator -adminPassword – -secureTokenOn $OTHER -password –

  • Boot to recovery and change the security level to reduced security to allow 3rd party extensions. Enable these options:

    Allow user management of kernel extensions from identified developers

    Allow remote management of kernel extensions and automatic software updates

Save