Filevault 2 enable each user that logs in

Question

How exactly is FV2 disk encryption configuration supposed to work?

i want each user that logs in to be prompted to enter their password to be FV enabled
is this possible?  I only seen this happen once for the first user, afterwards I had to go ENABLE each additional user manually.

I have 
 Require FileVault 2 
Require users to enable FileVault 2 based on one of the following events
AT NEXT LOGOUT

what should the policies trigger and execution frequency be ? (i have it on logout and ongoing)

rich.trouton · Accepted Answer

Casper's FileVault 2 management uses Apple's fdesetup tool. Understand fdesetup, and you'll understand how Casper's FileVault management works.

I have a post on fdesetup on Mavericks available here and the same capabilities are available in Yosemite's fdesetup tool*:

http://derflounder.wordpress.com/2013/10/22/managing-mavericks-filevault-2-with-fdesetup/

*Yosemite added one additional capability to the deferred enablement options, but that option is currently broken as of 10.10.1:

https://jamfnation.jamfsoftware.com/discussion.html?id=12620

gachowski · Answer

I have a 1st log-in script that has a trigger/event that calls policy that is set to custom (once per computer and At next log in). With 9.6.1 and Mac OS X.10 it's Zero touch. The user logs in the script runs and then auto reboots the machine. On the user next log-in the the OS pop up a window tell the user they must encrypt they drive.

It doesn't as for the users password as it just got it during the log in and they user can't override it : ) the cancel button just reboots to the same same pop up : )

Big improvement in X.10 and 9.6

C

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded