Instructions to fix Mac lock out – GL Password Sync Symptom: User reset GLID password. Upon logging in, user has to use old GLID password and then the new GLID password to get in. Caveat: User needs to know their old GLID password. Log into Lastinger -> Open terminal Run the command: sudo fdesetup list Copy the USER ID (the long String) beside the user’s username. Then run the command: diskutil list After running the command identify the disk volume which has user’s data, usually it named Data and copy the Identifier of the volume. (Here the Identifier is disk1s1). Run this command to Sync the User’s password with AD: diskutil apfs changePassphrase <disk Identifier> -user <UserId> Ex: diskutil apfs changePassphrase disk1s1 -user 27E97FDA-252E-1D28-97E2-E11278DB2D21 Once you enter, it will prompt to enter the old passphrase (Ask user to enter their old Gatorlink Password) and then it will prompt to enter the new passphrase 2 times. This should fix the issue. NOTE: Command below is also used when you see the symptom of “User not authorized” i.e. adding fingerprint, installing a big OS update. Finally run the below command to give secure Token to the user sysadminctl interactive -secureTokenOn <USERNAME> -password -