Open Radar

 
Summary:
User that only exists in the local domain(ion a machine that is bound to AD) cannot unlock filevault with a new password after change

Steps to Reproduce:
- setup 10.10.1 machine from clean install
- log in to admin user, create standard (mobile, AD) user, encrypt with FV2
- log in to standard user, reset admin password
- reboot


Expected Results:
- new password would succeed

Actual Results:
- old password still works
- attempt to perform process that worked to ‘sync’ password db in ~10.7:
sudo touch /System/Library/PrivateFrameworks/EFILogin.framework/Resources/EFIResourceBuilder.bundle/Contents/Resources
saw expected entries in log, as per 
http://derflounder.wordpress.com/2013/06/19/enabling-filevault-2-pre-boot-login-screen-functions-from-the-command-line/
- attempted sudo fdesetup sync, no change

Version:
10.10.1, 14B25

Notes:
Following log entries were expected, but do not coincide with successful sync of DB

com.apple.kextcache[600]: / locked; waiting for lock.
com.apple.kextcache[599]: rebuilding /System/Library/Caches/com.apple.corestorage/EFILoginLocalizations
com.apple.kextcache[599]: /System/Library/Caches/com.apple.corestorage/EFILoginLocalizations not cached.
kernel[0]: hfs: mounted Recovery HD on device disk0s3
mds[35]: (Volume.Normal:2464) volume:0x7ff57d8bc000 ********** Bootstrapped Creating a default store:0 SpotLoc:(null) SpotVerLoc:(null) occlude:0 /Volumes/Recovery HD
fseventsd[20]: Logging disabled completely for device:1: /Volumes/Recovery HD
com.apple.kextcache[599]: Successfully updated disk0s3.
kernel[0]: hfs: unmount initiated on Recovery HD on device disk0s3
com.apple.kextd[19]: / is still busy, delaying reboot.
com.apple.kextcache[600]: Lock acquired; proceeding.
com.apple.kextcache[600]: /: helper partitions appear up to date.
com.apple.kextd[19]:  up to date; unblocking reboot.