EID password changes and downstream effects

In the Spring of 2019, the Information Security Office on campus starting enforcing password change requirements for UT EIDs.  Individuals were required to change their password by a certain date and were notified by email.  Changing the EID password resulted in some technical difficulties for some individuals.  Below are some resultant issues that were seen by the Moody Services Team. 

  •  Users could no longer log into their Macintosh computer.

This was manifested in at least a couple of ways.

  1. Laptop users who had changed their EID password at home or on another computer did not then have the correct EID credentials cached for their wifi connection to utexas. The computer would then revert to utguest presumably in the background but also would not allow the user to login to the computer.  
    Once connected to a UT wired network, the user could get into the system with their new EID password and then change their wifi credentials for utexas.
    Sometimes extra steps were required to get connected to utexas; see the utexas wifi connection issue in the next bulleted section. 
  2. Active Directory and Filevault encryption were not in sync.  To get past this issue with Filevault encryption, the user would have to enter their old EID password which would work for Filevault but which would then prompt for a new login screen where the new EID password was accepted for that login, thus making it a two step process to get into the computer.  In one case, once logged in, we decrypted the computer, then re-encrypted and updated the Filevault passcode record. 
  • utexas wifi could not be joined after EID reset on a Macintosh computer

In at least two instances, users who successfully logged into their computers after changing their EID passwords would get an error message when trying to connect to the utexas wifi with an error to the effect of "utexas could not be connected, move closer to the access point".   Proximity was not the issue as other EID credentials could connect to the wifi under other logins to that computer. 

"Forgetting" the utexas network failed to help in this regard.  The error would resurface when trying to connect to utexas.

The solution was to delete the utexas reference under the login keychain in Keychain Access on the Mac and also the dotx references under certificates in Keychain Access. Once that was done, the network could be "forgotten" and logged into with new EID credentials.

  • iOS devices lost network connection

Simple fix of just "forgetting" the network and reconnecting with new credentials.

  • login Keychain on MacOS prompts after EID password change

Users just need to enter their old EID password at the first prompt when choosing to update the keychain after login.  They could choose to delete and recreate but updating is the easiest route.