Just realized that there are so many useful scripts from JAMF Nation, here is a easy one you can deploy to Self Service to fix those annoying Keychain issues with AD…
https://jamfnation.jamfsoftware.com/discussion.html?id=13736
If you are lazy to read, here is the script from the author:
#!/bin/bash
current_user=`finger –s –l | grep Login | cut –c 8–25`
if test –e /Users/$current_user/library/keychains/????????-????-????-????-????????????; then
echo “Local Items keychain found”
rm –rf /Users/$current_user/library/keychains/????????-????-????-????-????????????
else
echo “No local items keychain found”
exit 1
fi