Macbook with "Authentication Disabled" message

I was able to recover, as far as I know, one of my user's local accounts that started having this issue after resetting their Active Directory password. They first reported that the fingerprint reader had stopped working and was unable to re-enroll. When it asked the user to authenticate they received the "Authentication Disabled" message.

We tried some of the community solutions with no luck and we did not want to reimage the user's device due to time constraints and fear of data loss. I am posting what worked for me here in hopes that someone will understand what causes the problem or why this resolved it.

User Report

• fingerprint reader not working
• user unable to re-enroll fingerprint
• user had just reset their Active Directory password
• "Authentication Disabled" message when trying to open the Passwords app
• "Authentication Disabled" message after typing in password to any authentication dialog
• user had the "allowed to administer" and "mobile account" options ticked

Our Solution

1. Logged into administrator account
2. Renamed affected user profile folder, /users/old_<user name>_profile
3. Deleted the affected user via the Users and Groups app
4. User logged in and is presented with the new account setup dialog
5. The new account setup dialog asks the user for the last password used to unlock the device
   1. The user's previous password did not work
   2. The user clicked I forgot my mackbook password
   3. The user recieved a message that some data could not be decrypted
6. The user was presented with a clean profile
7. The user browsed to /users/old_<user name>_profile and successfully copied back files to the freshly created /users/<user name> folder.