We are having the same issue, thus far only experienced with new machines that shipped with High Sierra (so far we haven't had any problems with computers that upgrade to High Sierra). We start the computer and go through configuration, then we have a "thin provisioning" policy deployed through self service that deletes the initial account and adds either teacher or student account as well as a tech account for administration. After the thin provision is completed, the computer reboots and then, since the initial account was deleted, we only have the two accounts and passwords won't take on them. The best we can figure is that APFS doesn't like the dschutil command (High Sierra initially didn't come with many command line tools, though the latest patch puts them back, but that's also another possibility as to why our particular workflow is not working).
We also do not use AD; the JAMF create/delete account policy won't work for us because we need to create more than 1 account at a time prior to deployment. We are interested in hearing somebody's solution, as many create account pkg creators are no longer supported or aren't quite up to date with High Sierra yet.
