This article provides a fix for Macs receiving the "Authentication is disabled" error message when trying to install a software update. This error is caused by a corrupt Secure Token.
Note: Even if a user receives this error while trying to manually install a software update. The update will still automatically install during the nightly maintenance window if the computer is on.
Solution Options
Below are three methods to resolve the "Authentication is Disabled" error ordered by level of complexity for the end user.
- Leave the Mac on overnight so the update automatically installs.
- Run the "First Aid - SecureToken Fix" in Jamf Self Service. You will first be prompted for the user name and password of the affected user account followed by the user name and password of an account with administrator rights.
- Manually run the script below in the "Terminal" application on the affected Mac. Replace the "username", "password", "admininusername", and "adminPassword" fields with the actual account information.
sysadminctl -secureTokenStatus <username>
sysadminctl -secureTokenOff <username> -password - -adminUser <adminusername> -adminPassword -
sysadminctl -secureTokenOn <username> -password - -adminUser <adminusername> -adminPassword -
diskutil apfs UpdatePreboot /
Still need help? Consider the Related Articles box on this page or
open a ticket. Use the
Yes and
No buttons below to provide feedback on this article. You can submit without leaving comments
or add details on what you liked and what needs improvement.