+5I'm trying to hide FileVault option from being offered in setup assistant during pre-stage, and when I go to customize what steps I want to show, it's greyed out and I cannot skip it. Currently testing on a Mojave machine, but we also are deploying Ventura machines. Looking at Jamf and Apple documentation it seems I should be able to block this, but I can't figure out why its not allowing me to.
Best answer by Bol
Do you configure the 'Account Settings' payload, if so that is by design.
+11Do you configure the 'Account Settings' payload, if so that is by design.
+11So it's a little back to front in whats written (will disable in Setup Assistant) where items you want disabled are ticked. Jamf is actually disabling the check box as empty when I guess it should be greyed out with a tick, if that makes sense.
+5Do you configure the 'Account Settings' payload, if so that is by design.
Yes, I do have that configured, but I see that message there explains why I can't tick the box. The only thing I have set up is pre-filling the user info from the SSO sign-in. I don't quite understand why that specifically would prevent FileVault from being disabled.
+11I believe (might be wrong) unless user creation is completely handed off to setup assistant during enrolment, then filefault needs to be enabled upon login of that user.
+11There's a known issue where the recovery key isn't escrowed to mdm when FV is enabled during setup.
+9I too, want to pre-fill primary account information from SSO / Google LDAP and Lock primary account information at the local account creation screen, without enabling FileVault during Setup Assistant.
It's good to know that the reason Filevault is greyed out for us is because we have the 'Account Settings' payload configured.
What doesn't make any sense is why only recently, random enrollments are getting prompted to set up Filevault during Setup Assistant. PreStage hasn't been touched. I'd be ok with checking Filevault under 'Setup Assistant Options', but I can't, since Account Settings is configured, for reasons stated above.
Edit: It appears in 14.4, there is a new feature - "MDM can now enforce FileVault for standard users at Setup Assistant." That might correlate with what I've been seeing. But I don't know how to prevent this from happening. Actually, thinking about it more, I saw this issue on a fresh Ventura re-image as well, so maybe not related to 14.4+
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.