This site requires JavaScript to be enabled
An updated version of this article is available

How to create new login accounts on Berkeley Desktop MacBooks

475 views

6.0 - Updated on 2025-07-08 by David Schwartz

5.0 - Updated on 2024-09-19 by David Schwartz

4.0 - Updated on 2024-09-06 by David Schwartz

3.0 - Updated on 2024-02-08 by David Schwartz

2.0 - Updated on 2024-01-30 by David Schwartz

1.0 - Authored on 2024-01-16 by David Schwartz

Modern security features require special steps when sharing Apple MacBooks and iMacs

The following assumes a standard configuration Apple silicon powered MacBook or iMac with FileVault encryption enabled and at least one existing user able to log into the machine with their account

**IMPORTANT** If the Mac has been shut down or restarted an existing user must be available and able to log in for the initial creation of a new user's account. If no exiting person is available or able to log into the Mac please open a ticket with Service Desk for help from ITCS or your departmental IT staff.

After following the steps below the new user account will work from anywhere, and that user can also follow these steps to help a new user create their account on the Mac.

Option 1: If the MacBook or iMac has already been shutdown or restarted and wired campus Ethernet is available:

Step 1: Existing user logs into macOS.

Step 2: Connect a USB-C to Ethernet adapter (MacBook) or built in Ethernet (iMac) that has been properly registered on Socreg and if prompted to "Allow accessory to connect" click the "Allow" button.

USB Allow accessory to connect?

Step 3: Confirm Ethernet connection by visiting:

Apple Menu->System Settings->Network

Ethernet must be at the top of the list with a green dot.

Network Settings USB List View

Step 4: Current user selects "Log Out (user name)" from the Apple menu.

Step 5 (final): New user logs in with their CalNet ID and Passphrase.

 

Option 2: If the MacBook or iMac has already been shutdown or restarted and wired campus Ethernet is not available

Step 1: Existing user logs into macOS.

Step 2: Sign into Eduroam (on campus) or connect to campus VPN using GlobalProtect (off campus).

Step 3: Launch Self Service from the Dock or double-click its icon in the computer's /Applications folder.

(more information about using Self Service can be found here)

Step 4: Locate "AD First User Login" offer and click the "Create Login" button. Follow the on-screen prompts and instructions.

Jamf Control System Events

Enter AD CalNet Account

AD CalNet Account Confirmation

Enter your CalNet Passphrase carefully; the password field will not display any text or characters while typing.
If you make a mistake, use the backspace key multiple times and try again.

If you see "Sorry" go back and repeat the steps from the Self Service offer.

Terminal Sorry

If you do not see "Sorry" the process was successful, even with this scary sounding "Permission denied" error message:

Step 5: Current user selects "Log Out (user name)" from the Apple menu.

Step 6: New user logs in with their CalNet ID and Passphrase.

Step 7: New user connects to the internet (Eduroam or wired Ethernet or home WiFi) to configure account for FileVault unlocking.

Step 8 (final): New user selects "Restart" from the Apple menu to test and confirm account allows proper login after restart.

Revised by David Schwartz
Last modified 2024-02-08 16:55:10