FileVault 2 Smart Group Problem

Question

Hey,I have a problem in my environment where I have a Smart Group ("FileVault Eligible Devices") set up according to best practice. (https://docs.jamf.com/technical-papers/jamf-pro/administering-filevault-macos/10.30.0/Creating_Smart_Computer_Groups_for_FileVault.html)FileVault 2 Eligibility Is EligibleANDFileVault 2 Partition Encryption State Is Not EncryptedJust like it states. My problem is, however, that devices that already have FileVault enabled get put into this group. Now I no longer know which devices had FileVault enabled by JSS and which had it enabled prior to enrollment. (Most of the devices either report PRK as unknown/invalid or report encryption state as Unencrypted despite being encrypted, even FileVault enabled by JSS.) I have created a Ticket to Jamf support about this, they elevated it to their Tier 2 team but they stopped responding to me. Could someone here have any insight? Thanks!

user-qHFlIsdGUC · Accepted Answer

This works with inversed logic: "FileVault 2 Partition Encryption State" "Is" "Not Encrypted" -->"FileVault 2 Partition Encryption State" "Is Not" "Encrypted"

john_kunkle · Answer

This works with inversed logic:

"FileVault 2 Partition Encryption State" "Is" "Not Encrypted" -->

"FileVault 2 Partition Encryption State" "Is Not" "Encrypted"

Thank you for replying with the solution - I had the exact same problem and had referenced the same documentation.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded