Monterey 12.3.x ONLY -- How to process the Enterprise Connect (ADSROOT) dialog boxes (NEW PROCESS!)

Owned by Steve Maser
Last updated: Jun 16, 2022 by Jim Zajkowski
3 min read

IMPORTANT NOTE: This article only applies to systems that are on macOS 12.3.0/12.3.1 – it is not applicable for anything on 12.4 (or later) as the bug related to this was fixed in 12.4 (so update your bootsticks if you are using 12.3.x bootsticks!)

 

On the first login to a Monterey 12.3 (or 12.3.1) mac – either clean install or OS upgrade – when on the campus network or at home and connected to the VPN - users will be presented with the following dialog box to “sign in” to ADSROOT:

 

For macOS 12.3, before you enter your Username and Password, click the “Options” drop-down and uncheck the “Sign in automatically” option (this will be checked by default.) You need to uncheck that option before continuing!

 

After unchecking “Sign in automatically”, please enter your uniqname and password as normal. When you then hit the “Sign In” button, you will receive this prompt:

 

Click on “Yes” at that point. After that, you will see another “Password Synchronization” dialog box that wants you to sync your Active Directory password with your computer password. These passwords should be the same password as your normal Kerberos/computer password:

 

Enter your password in both boxes and click the “Sync Password” button. This will give you the following result:

 

Click “OK” – and that should be it!

 

However: If your user did not deselect the “Sign in automatically” option, the next time they log out (or reboot) and reconnect to the campus network, the first dialog box will come up again. They will need to uncheck the “Sign in automatically” checkmark and enter their username/password again to get the “Yes/No” dialog box and select “Yes” there. (The “Yes/No” dialog box is key to making this work correctly!)

 

LASTLY: if these boxes keep coming up at login after the user has gone through them all once with “Sign in automatically” unchecked – this means that there is some problem with the user’s Active Directory password.

To solve this problem, please do the following:

1 – Have the user change their UM password at https://password.it.umich.edu

2 – On the Mac, open System Preferences → Users & Groups and have the user change their computer password to the new UM password.

3 - Restart the Mac to confirm the user can unlock/log-in to the mac with the new password

4 – The Enterprise Connect dialog boxes will come up again – but when the user goes through them one more time to “sync” the passwords – that should be it!