Enabling FileVault via a Jamf Pro configuration profile on a Mac with NO Secure Token holder, fails.At login the user gets a popup asking to enable FileVault, but nothing actually happens when clicking ok. Enabling FileVault via a Jamf Pro policy on a Mac with NO Secure Token holder does not work.Local Standard accounts and Mobile Managed/Admin do not automatically generate a Secure Token.Only logging in with a LOCAL Admin account at the very first login, will generate a Secure Token for this specific account.I had to wait until 10.14.2 came out of beta, but now that 10.14.2 is released, let’s see what this early Filevault Santa bring us!įirst of all, let’s list the concerns/issues we all had with FileVault on 10.14.1: I ended up testing almost every scenario with different types of accounts, on both 10.14.1 and 10.14.2. Hence my intensive search for a recommended workflow to avoid as much of the issues as possible. Additional bugs on 10.14.1 seemed to make the mayhem complete, leaving many of us in a state wondering if something was expected behaviour, or “a feature”… In all fairness, there were moments where I thought I finally understood how Secure Tokens work, and other moments where I just lost all hope… This, amongst many other FileVault related issues, caused some concerns for many Mac Sys Admins. This due to the fact the first account logging into the Mac has to be a LOCAL Administrator. The main issue was that if no account on the mac had a Secure Token, the profile would fail to enable FileVault. When I wrote my previous post on Secure Tokens, I mainly focused on enabling FileVault with Configuration Profiles on 10.14.1. see comments !!! IMPORTANT UPDATE 12th of MAY 2019: I would advise reading the post below for overall understanding of my Secure Token overview regarding different deployment strategies, but have a look at my new post regarding Apple's official documentation here! Not everything but there are some welcome changes! !!! ALREADY AN UPDATE to what I wrote here - see comments !!! Update 2: 9/12/18 - promote the non-admin Secure Token holder.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |