Mac AD-tied mobile account unlock

1st December 2021 at 11:57am

Faced a rather strange issue: when a Mac locks out a mobile account (tied to Active Directory), it won't unlock it even after the corresponding AD account is unlocked. When macOS can reach the directory it allows login (say, when you're connected via VPN you can do fast user switching), but once you disconnect the account is locked again. In an office this would be pretty much OK, but in the WFH era with VPN everywhere it's rather annoying. You can't recreate the mobile account because it has to log in at least once, but to reach the VPN you already have to be logged in. Fortunately, there's a fix for this (but you need to have a local admin account as well).

https://discussions.apple.com/thread/252113371?page=2

Just delete the damaged mobile account. Then

# create the mobile account without logging in as that user
sudo /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -n username
# confirm the directory cache now resolves the user
dscacheutil -q user -a name username
# 0 = never rotate the computer trust account password with AD
sudo dsconfigad -passinterval 0

will create a mobile account for you without logging in. Then you should log in to it at least once.

Yes, but what to do with home folder? When deleting old mobile account you will be given a choice what to do with documents: save in image, keep the folder or delete it. Keep the folder, then when creating an account again it will be renamed to "username (Deleted)". Give your Terminal app full disk access, rename new "/Users/username" folder to something else and rename old folder "/Users/username (Deleted)" to "/Users/username". That way you'll get back all your settings and documents.