Skip to main content

This little guy helps you enable FV2. In our workflow, we have laptops with mobile network accounts. We don't want the initial FV provision to be done on the local admin / management account (for obvious reasons).



FVHelper will check and skip account names that match the skipaccounts array ...
it will then prompt users to enable FV ...
it calls the jamf policy (with attached FV config so FV is enabled and key escrow is handled by jamf) ...
then force them to logout, so they can enter their passwords and start the encryption process ...



You can run it on the login trigger and / or via Self Service.



https://github.com/loceee/OSXCasperScripts/tree/master/FVHelper

external image link

Awesome!

Love this! Been looking for a less invasive way for current users to be able to FV without having them stop what they're doing.



Any plans to implement a defer timer, a la Patchoo, where users can no longer defer?

Hey yeah, there are few things I'd like to add to it. It's quick and dirty to get the job done right now. More robust and error checking. Feature wise:



- Defer counter.
- Add additional FV users



Any other ideas that people come up with that might be useful. Thanks for the feedback and glad it's helping a few people out. Making our FV deployment much less painful!

Latest commit
-defermode (5 defers by default) !
-localise your prompts
-remove checking for receipt and check fv status with fdesetup



Get it while it's hot!

A new commit to fix osascript display from root. Weird it didn't affect any of my test vms, or all of my clients.
This work better.



https://github.com/loceee/OSXCasperScripts/tree/master/FVHelper

Reply


Terms & ConditionsCookie settings