Filevault activate by TAHOE

In my experience with it, The FileVault option is offered once, and you can choose to not turn it on. I have logged in with the administrator account, as it was signed in when I did the upgrade. I was asked to turn on FileVault, and I declined. I have then signed in as a standard network user account, and I was not offered the option of FileVault.
This will be a pain, as it means when I set all of the labs to update, I will also need to sit there and sign in to them all, and refuse FileVault.
I can’t say I am impressed by the Widgets on the desktop either. Be nice if there is a MDM way of turning those off too.

It is problematic to have a local action. I don't see myself going around all the Macs during the update. I hope to find a workaround.

I have not had time to test this myself but I am interested in the solution.  I did notice when deploying a laptop with Tahoe beta it did ask to turn Filevault on as well.  We usually hold off on upgrading our fleet until x.1 release so I have time.

Life saver, we’re still directly Active Directory bound (we’re a University with a small budget, can’t move to Jamf Connect yet) and FileVault doesn’t work with user principal name logon.  Thankfully only one person affected, thank you SO much for posting this.

Rich Trouton

 

Awesome!

Is there anything that guy can’t do?

also check Jamf Connect config. Saw this when I had EnableFDE set to True

did this work for you?  I have it in my workflow but whenever I login to a new Tahoe build I still get the FV page.

So far it has been, what I did was deploy it to all computers right away in config profiles.  I then upgraded my own system to Tahoe, logged back in and was not prompted.  A couple of our other users I checked with said they were not prompted either, but I’m going to test again with a spare M1 iMac this morning.

It can get it to work with a new Tahoe build, sometimes with a MDM WIpe computer command, BUT NEVER with a Tahoe upgrade over the top of a Sequoia 15.6.1 (in particular) installation. I have been working on this for well over 12 hours now.

Thank you. It solves all my problems. No activation of FileVault whether it is an update of an existing computer or during a new registration with a Tahoe station.

Glad I am not the only one.  I can’t even get it working on a new build.  Not sure what I am doing wrong, seems like a pretty straightforward process.

Still seeing the issue as well after deploying the config profile.
Update: I was able to get the configuration profile working. I had a separate one deployed that skipped the software update notification, and once I combined both settings into a single profile, it worked as intended.

Hi Almai, 
What payload you select to upload the config profile?

I copied the config but not sure which payload to upload it on

Widgets can be disabled via a Configuration Profile/PLIST: https://github.com/rtrouton/profiles/tree/main/DisableDesktopWidgets

Also seeing this issue with rtrouton config 

I’ve pushed the profile but still FV prompt pops up. Does anyone know if it has to be done at Pre-stage? 

Pushing it later doesn’t seem to work for me.