Skip to main content
Question

Big Sur /M1 chip - Filevault2

  • December 31, 2020
  • 37 replies
  • 230 views

Show first post

37 replies

Forum|alt.badge.img+10
  • Valued Contributor
  • May 5, 2021

For FileVaulted Mac's the login/password boxes instead of user icons is expected as this is Apple's unified login. The way M1's boot to Filevault authentication has significantly changed see Rich T's post:
https://derflounder.wordpress.com/2021/01/17/filevault-login-screen-differences-between-intel-and-apple-silicon-macs/


mgshepherd
Forum|alt.badge.img+11
  • Contributor
  • May 17, 2021

I was just about to give out our first M1 to a customer and saw this. Seems like this shouldn't happen if it's the same account logging in.


mgshepherd
Forum|alt.badge.img+11
  • Contributor
  • May 18, 2021

Did some more testing... I first tried removing any config profiles that had Kernel Extensions, ran a machine fresh through the enrollment (DEP) process. Still had the issue. I then replaced my current version of NoMADLogin (v1.4) with the newer 1.5RC2, ran a machine through a fresh DEP enrollment, it was fixed! I was able to login once and it brought me straight to the desktop. I'm still very interested in what NoMadLogin 1.5 does differently on the M1 machines. Anybody have any insight? I tried looking at the config settings for NomadLogin (using authchanger -print) and I couldn't really see anything obvious.


Forum|alt.badge.img+2
  • New Contributor
  • August 12, 2021

FYI - We updated NoMAD Login to version 1.5.0 RC1 and confirmed this resolved the issue for us.


James, have you got a link to NoMAD 1.50 RC1 can't find it anywhere.


Forum|alt.badge.img+7
  • Contributor
  • August 26, 2021

Did some more testing... I first tried removing any config profiles that had Kernel Extensions, ran a machine fresh through the enrollment (DEP) process. Still had the issue. I then replaced my current version of NoMADLogin (v1.4) with the newer 1.5RC2, ran a machine through a fresh DEP enrollment, it was fixed! I was able to login once and it brought me straight to the desktop. I'm still very interested in what NoMadLogin 1.5 does differently on the M1 machines. Anybody have any insight? I tried looking at the config settings for NomadLogin (using authchanger -print) and I couldn't really see anything obvious.


Maybe too late to comment this, this has to do with a function called FDEAutoLogin. NoMadLogin 1.4 does not respect that, meaning you will have double login. For this reason we changed to JAMF Connect which the OS will pass the login credentials along and the users on FV login screen will go to the desktop upon entering the password.


James_von
Forum|alt.badge.img+1
  • New Contributor
  • November 2, 2021

Anyone make any progress on this yet?


Forum|alt.badge.img+7
  • Contributor
  • November 2, 2021

The initial login screen is part of the /Preboot volume, if anything is wrong, it's there. I am not technical enough to figure out what is wrong.


Forum|alt.badge.img+3
  • New Contributor
  • November 2, 2021

Anyone make any progress on this yet?


We run this and it sets the Filevault unlock to the logo.

sudo defaults write /Library/Preferences/com.apple.loginwindow SHOWFULLNAME -bool NO ; diskutil apfs updatePreboot /

You can also check out the comments here: https://derflounder.wordpress.com/2021/01/17/filevault-login-screen-differences-between-intel-and-apple-silicon-macs/


Forum|alt.badge.img+1
  • New Contributor
  • November 5, 2021

Anyone happen to have any updates or other workarounds for this issue? Odd that this has been the case for about a year now and there isn't a good workaround for it. The command above doesn't really seem to help in our environment. Wish the person that says they are using NoLoAD version 1.5 RC2 above would say where they got it from so we could test it, too. This is a major inconvenience now that Apple stopped selling the Intel chipsets and we're forced to purchase M1s. 


Forum|alt.badge.img+7
  • Contributor
  • November 5, 2021

Anyone happen to have any updates or other workarounds for this issue? Odd that this has been the case for about a year now and there isn't a good workaround for it. The command above doesn't really seem to help in our environment. Wish the person that says they are using NoLoAD version 1.5 RC2 above would say where they got it from so we could test it, too. This is a major inconvenience now that Apple stopped selling the Intel chipsets and we're forced to purchase M1s. 


I share the same thought with you, however given the route that Apple has chosen to go, either you play their games or you ditch them and go Windows. My preference has been slowing moving to the latter in the past few years of the stringent requirements from Apple and make their devices less IT friendly.

I don't even know how many nights of sleep I spent trying to get testing and researches done for various Apple issues. My work doesn't pay me to do research and development, they just want things done. You know what I mean?


mgshepherd
Forum|alt.badge.img+11
  • Contributor
  • November 5, 2021

I was able to obtain NoMADLogin 1.5 RC2 from the Macadmin's slack Nomadlogin group. I will warn you, version 1.5 is only suppose to work on ARM processors. For my environment I have it scripted when my Macs enroll, v.1.4 gets pushed to the Intel based machines and v.1.5 gets pushed to the ARM based machines (via Prestage Package Enrollment). The method does require some knowledge of scripting but is working fine for my process at the moment. This may not be a great solution for most users and keep in mind NoMADLogin is freeware so it only gets updated when the contributors find time.

https://macadmins.slack.com/files/U08LW9L4X/F01QF73H8KX/nomadlogin-1.5.0-rc2.pkg


Forum|alt.badge.img+1
  • New Contributor
  • November 5, 2021

I was able to obtain NoMADLogin 1.5 RC2 from the Macadmin's slack Nomadlogin group. I will warn you, version 1.5 is only suppose to work on ARM processors. For my environment I have it scripted when my Macs enroll, v.1.4 gets pushed to the Intel based machines and v.1.5 gets pushed to the ARM based machines (via Prestage Package Enrollment). The method does require some knowledge of scripting but is working fine for my process at the moment. This may not be a great solution for most users and keep in mind NoMADLogin is freeware so it only gets updated when the contributors find time.

https://macadmins.slack.com/files/U08LW9L4X/F01QF73H8KX/nomadlogin-1.5.0-rc2.pkg


Dude, THANK YOU. I kinda assumed it might have been on Slack, but wasn't sure. I'll tinker with it and see if I can get it to work with mine. I might use a similar script to what I use for installing Rosetta on our M1s to check the processor first.